----- Original Message -----
From: "Richard Lynch" <[EMAIL PROTECTED]>
On Sun, June 18, 2006 2:19 am, Satyam wrote:
----- Original Message -----
From: "Rory Browne" <[EMAIL PROTECTED]>
Good code won't be vulnerable to register_globals either, but having
register_globals on is a security problem because there are security
flaws
that can only be exploited when register_globals is enabled.
Actually, code quality cannot overcome the vulnerability of
register_globals. Every program will have global variables.
You clearly do not really understand the meaning behind
"register_globals" and "global variables" in PHP... :-)
Or perhaps you don't consider initializing variables as code quality
issue.
Because if you initialize EVERY variable, register_globals on/off has
zero effect.
The last paragraph you are replying to is actually mine and your first
paragraph is right, I don't know what register_globals on implies because I
never had it and, fortunately, my ISP doesn't have it that way either so,
indeed, I lack experience with register_globals because I never had to deal
with that and I should have remained quiet. I come from languages where
you not only have to initialize a variable but have to declare it as well so
initializing comes natural, I feel wrong if I don't do it, even if the
interpreter does not care.
Satyam
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
