| Re: Shocking amount of PHP security holes? [message #171420 is a reply to message #171132] |
Sun, 02 January 2011 22:18   |
Thomas Mlynarczyk
Messages: 131
Registered: September 2010
Karma:
|
Senior Member |
|
|
Álvaro G. Vicario schrieb:
[No need to worry about register_globals if no global variables are used]
> The "register globals" feature has nothing to do with using global
> variables or not. You can find further information here:
> http://es.php.net/manual/en/security.globals.php
I am aware of that. I think you misunderstood me. My point was that as
long as a script does not use (uninitialized) globals, "register_globals
= On" cannot do any harm and therefore its value is irrelevant. In other
words: only badly written scripts "require" register_globals turned off
to prevent harm. Well written scripts are immune.
Greetings,
Thomas
--
Ce n'est pas parce qu'ils sont nombreux à avoir tort qu'ils ont raison!
(Coluche)
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]