Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    New to the CF scene
    Join Date
    May 2008
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Hiring a PHP coder with security knowledge. What to look for?

    Hi

    I'm not looking to recruit, this is just a general theoretical question.

    If someone was to hire a contractor to build the back-end for a content submission system. What kinds of skills would they be looking for? Let's assume that it might be a system where users would submit content for review by the web site administrators.

    The content would not be of a National security status or banking/credit cards type of information, but it would need to be secure and there would certainly be privacy issues at stake.

    I'm far from being an expert at these things, so can anyone please give me tips about what kinds of qualifications one should be looking for in this type of contractor? What kinds of skills and experience should a PHP coder with these abilities have? How would one check that their knowledge is valid and also, would they need to have SSL and server security management skills?

    Any thoughts and opinions welcomed.

    Many thanks.
    Last edited by danny100; 05-20-2008 at 10:05 AM.

  • #2
    Regular Coder
    Join Date
    May 2008
    Location
    Ohio
    Posts
    231
    Thanks
    3
    Thanked 21 Times in 21 Posts
    A good coder has no problem sharing their code because they have no exploits. Personally, I would ask them for examples of other code they've done and post it here (given that there aren't any copyrights on it). Anyone here could tell you how (in)secure the code is.

    As for SSL, that really takes no extra management. If they tell you that they'll have problems with it, you shouldn't be talking to them in the first place.

  • #3
    Senior Coder
    Join Date
    Jan 2007
    Posts
    1,648
    Thanks
    1
    Thanked 58 Times in 54 Posts
    Personally, I would ask them for examples of other code they've done and post it here (given that there aren't any copyrights on it).
    If someone did this to me without first asking permission, I would probably sue them.

    Whether code has copyright or not is debatable. But certainly when I write a piece of code, that code is mine and you cannot just take it.

    Why else do you think there are all of these different licensing options? It isn't because its an entertaining read.

    How would one check that their knowledge is valid and also, would they need to have SSL and server security management skills?
    As the previous posted suggested, the only real way to get a good evaluation of code quality is to have other coders inspect it.

    But always remember that you assuming the reviewer is a good coder. That is not always the case. Your review quality will only be as good as the reviewer quality.

    SSL and security are not really specific subjects that one learns. They're mostly learned through experience in past projects. Just ask them about it and they should be able to share details.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •