Part of a series on why PHP’s type system is the best in the world. This post explores why web languages need to be dynamically typed: because the internet is made of string.
Part of a series on why PHP’s type system is the best in the world. This post explores a class of bugs frequently seen in other dynamically typed languages, which doesn’t happen in PHP.
PHP Object Instantiation attacks are an appsec issue in PHP applications. They rely on meta-programming used to instantiate classes from user-defined classnames.
Object Injection in PHP. Object Injection vulnerability is security issue with PHP applications using the unserialize() function. In the worst case, it can lead to remote code execution.