POBS is a work in progress, and it will progress faster with input from users like you. My goal is to offer a tool that is easy to use for the average user and foolproof for the average kind of PHP code (requiring only a few adjustments to code lines).
Here is my wishlist for versions after 0.92:
- Give hints and tips about dubious code lines after scanning PHP code. For example, alert when the setcookie function is called in a script.
- Enhance POBS so that it deals with "problem code lines" in a more secure way. For example, if a parameter is passed to a function as "var1=3&var2=4", POBS could notice that the first parameter (var1) has no preceding ampersand but should be replaced just like "var2". The first parameter of the setcookie function could also be replaced, so that cookies no longer have to be treated as excluded variables.
- Write a proper report file (although you can already print and save the HTML output generated by POBS).
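
The two replacements on the wishlist (the first query-string parameter that has no preceding ampersand, and the first argument of setcookie, with a hint for each call found), shown in PHP as an added example. This is not POBS code; the rename table `$map`, the function names and the sample strings are constructed for illustration.

```php
<?php
// Added illustration, not part of POBS. $map is a hypothetical rename table
// (original variable name => replacement name); all values are constructed.
$map = ['var1' => 'V1a2b3c', 'var2' => 'V4d5e6f', 'session' => 'V7a8b9c'];

// Rename every key in a query-string fragment such as "var1=3&var2=4".
// A key may start at the beginning of the string, after "?", or after
// "&" / "&amp;", so the first parameter is treated like all the others.
function renameQueryKeys(string $query, array $map): string
{
    return preg_replace_callback(
        '/(^|\?|&amp;|&)([A-Za-z_][A-Za-z0-9_]*)(?==)/',
        function (array $m) use ($map): string {
            // Keep the separator, swap the key only if it is in the table.
            return $m[1] . ($map[$m[2]] ?? $m[2]);
        },
        $query
    );
}

// Rename the literal first argument of setcookie() and record a hint for
// the report, so the call is both rewritten and brought to the user's notice.
function renameSetcookie(string $line, array $map, array &$hints, int $lineNo): string
{
    return preg_replace_callback(
        '/\bsetcookie\s*\(\s*([\'"])([A-Za-z_][A-Za-z0-9_]*)\1/i',
        function (array $m) use ($map, &$hints, $lineNo): string {
            $hints[] = "line $lineNo: setcookie() call, cookie name '{$m[2]}'";
            $new = $map[$m[2]] ?? $m[2];
            // Replace only the quoted name inside the matched text.
            return str_replace($m[1] . $m[2] . $m[1], $m[1] . $new . $m[1], $m[0]);
        },
        $line
    );
}

// Constructed sample inputs.
$hints = [];
echo renameQueryKeys('var1=3&var2=4', $map), "\n";
echo renameQueryKeys('page.php?var1=3&amp;var2=4', $map), "\n";
echo renameSetcookie('setcookie("session", $id);', $map, $hints, 12), "\n";
print_r($hints);
```

Cookie names built at run time (a variable or a concatenation as the first argument) are not matched by this pattern and would still need to be excluded or reviewed by hand.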
If you have wishes of your own concerning POBS, please let me know.