Hey, I thought of an idea yesterday which could make everyone happy. In the default php.ini we set the register_globals to a new value "unset". If PHP runs with this INI value it will display a page telling you that you need to define the register_globals option in your php.ini and explains the pros/cons & security concerns involved (IMO we should recommend register_globals=off). This way we won't break existing sites which already have php.ini and we have an easy way to feed new users w/ the required information. Of course, I still think we should think of a nicer way to access form variables such as $_FORM[] in order to make it easier for the developer. Andi -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
- RE: [PHP-DEV] Security Issues Marc Boeren
- RE: [PHP-DEV] Security Issues Brian Tanner
- RE: [PHP-DEV] Security Issues Marc Boeren
- RE: [PHP-DEV] Security Issues Marc Boeren
- Re: [PHP-DEV] Security Issues Phil Driscoll
- RE: [PHP-DEV] Security Issues Zeev Suraski
- Re: [PHP-DEV] Security Issues php4
- Re: [PHP-DEV] Security Issues Zeev Suraski
- Re: [PHP-DEV] Security Issues Phil Driscoll
- Re: [PHP-DEV] Security Issues Zeev Suraski
- Re: [PHP-DEV] Security Issues Andi Gutmans
- Re: [PHP-DEV] Security Issues Ramsi Sras
- Re: [PHP-DEV] Security Issues Ron Chmara
- Re: [PHP-DEV] Security Issues Zeev Suraski
- Re: [PHP-DEV] Security Issues Ramsi Sras
- Re: [PHP-DEV] Security Issues (backward fix... teo
- Re: [PHP-DEV] Security Issues Ramsi Sras
- Re: [PHP-DEV] Security Issues Phil Driscoll
- Re: [PHP-DEV] Security Issues Zeev Suraski
- Re: [PHP-DEV] Security Issues Phil Driscoll
- Re: [PHP-DEV] Security Issues Zeev Suraski
