Php Sat Origin
Static analysis for PHP
There where two sources that made the idea for PHP-Sat. The first source of inspiration came from my work as a assistent at the course [[http://www.cs.uu.nl/docs/vakken/inp/]["internet programmeren" (Internet Programming) (2005,2006)] at my
University department. I noticed that a lot of students where not aware of the security problems involved when programming PHP for the web.
The other source of inspiration came from a
practical assignment that I had to do for the course
Programming Transformation (2006). A part of this assignment was about tracking knowledge about variables that possibly containt null-pointers.
These two inspiration-sources lead me to the idea of a program that would track the state of a variable, wheter it was tainted or not, and then warn a user when this was used at the wrong places. This could be used by students to check and improve there programs before they submit.
I wanted to work out this idea, but I had to get a job for the summer to be able to pay my bills. A combination of these two was found in Google's
Summer of Code 2006. So I asked the person in charge of the course,
Eelco Visser wheter this idea was any good. In a short talk at the elevators I told him my idea and asked him about the Summer of Code. He was interested and there was sure to be someone who could mentor me.
So I started writing on my proposal. I found out that the idea was not really new because
Nenad Jovanovic was already developing
Pixy. An other project that was related is
PHC, the open source PHP compiler. I still wanted to continue with my idea, the reasons for this are all captured in my [[][SoC-application]]
--
EricBouwers - 04 Sep 2006