@sgolemon
Created March 19, 2021 18:48
We are building a website using CodeIgniter3 & are very much security conscious & believe we have a brilliant idea.
If PHP does not follow up with this idea, then undoubtedly Microsoft and/or Google will do just that.
So let us share the idea with PHP first & before the other 2 giants, that is if PHP ignores this message.
We intend to notify those 2 giants after 7 days if PHP does not respond to this message & after 30 days
if PHP does respond but demonstrates no interest in pursuing the matter further.
PHP should make the Internet a much safer place to browse & to conduct business.
PHP has the basic facility but does not appear to be interested in achieving a safe Internet.
There should be a central database that stores Face Recognition & Fingerprint Data where
if a person joins a PHP website, and maybe other sites, there can be a search if the User
has an existing database entry and then report to the website holder as to any adversities.
The website holder can then decide whether to proceed with or without conditions and may
even create its own database. The website should also have the facility to enable JavaScript,
HTML, CSS and any other App within the User's browser, to ensure that nothing has been tampered with.
Of course there must be a prior warning before that can take place.
Once the User is registered in either the base database and/or the website database, then he/she
can produce a face image & fingerprints each time of logging in and/or making a valuable transaction,
to identify oneself before proceeding further, that is if the website permits such activity with that person.
While we do understand that CodeIgniter does eliminate SQL Injection into a URL, we are not so confident
if there is any elimination for injecting into a text box or text area. In our project we do have some
JavaScript & HTML restrictions and then proceed with form_validation to ensure compliance backend.
However, we need a more sophisticated system than form_validation and although we have attempted to
test callback it does fall short of being sufficient for our intention. When a form_validation is
triggered, excepting "required" in the event of no data entered, we will want the User's account
to be immediately suspended & the offending data recorded in the Admin section together with
User ID & Username & a message sent to the User. Within 24 hours we will need to decide on the fate of the User.
PHP may be thinking why they should get involved in such high level security & feel that it
should be left to the security professionals. Let us say that it is the "open" environment
that PHP, & others, have created that causes theft & corruption via the Internet therefore
PHP & others have an obligation to close that opening.