Do you know what the security problems are? Do you realise that having
register_globals on or off isn't the security problem, it's how you write
your code? If you're not going to change any of your code, just turn on
register_globals. Changing your code to _POST or _GET and doing nothing else
isn't making it any more secure that using it the way it is with
register_globals on.

---John Holmes...

----- Original Message -----
From: "Kurth Bemis (List Monkey)" <[EMAIL PROTECTED]>
Sent: Saturday, May 25, 2002 3:23 PM
Subject: [PHP] 4.2.1 Vars

> After moving to php 4.2.1 my scripts that use xxx.php?blah=4 fail to work.
> I know that i need to turn register_globals on in my config, however I
> that there are security problems with this.  So bascially I need to know
> how to make 500+ scripts work without editing a bunch of files to make it
> so that all my get and post vars start with $_POST and $_GET
> any ideas?
> ~kurth
> Kurth Bemis - Network/Systems Administrator, Computer
> Security is like an arms race; the best attackers will continue to search
> for more complicated exploits, so we will too.
> Quoted from
> PGP key available -
> Fight Weak Encryption!  Donate your wasted CPU cycles to
> (
> --
> PHP General Mailing List (
> To unsubscribe, visit:

PHP General Mailing List (
To unsubscribe, visit:

Reply via email to