On Sat, 2002-03-30 at 17:43, Shane Wright wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> > Not really. You either have to init your variables or turn off notices
> > in error_reporting() (or otherwise suppress them; i.e. display_errors =
> > off).
> initialising them with safe defaults is the thing to do - the point of the
> error is to warn about uninitialised variables (which, if register_globals is
> on, could be used by an attacker to make your scripts to bad things...)
> - --
Yes, this is my standard suggestion as well, but since Ernesto seemed
to be aware of the issues I decided not to press the point.
Torben Wilson <[EMAIL PROTECTED]>
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php