--- Raditha Dissanayake <[EMAIL PROTECTED]> wrote:
> At the risk of starting another flame war: IMHO switching off register 
> globals and relying on $_POST etc can lull you into a false sense of 
> security.

I agree, and this is more true with the safe_mode directive, which I have
always thought was poorly named (although I don't have a better

Disabling register_globals is a good thing, however, and it at least
forces developers to understand where their data is coming from. This is a
good first step, in my opinion.


My Blog
HTTP Developer's Handbook
RAMP Training Courses

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to