Patrick Hutchinson wrote:
Thanks for the response. I basically have an environment analogous to an
internal ISP. A lot of corporate users that have the ability to make web
pages for the intranet etc. Basically management wants PHP turned off
now because a rogue user could potentially gather and
Yes. My understanding turning globals off stops using $PHP_AUTH_PW directly.
> Hi, Even with register globals off isn't it possible to have a webpage
> like this:
>
>
>
>
>
> Hello,
> I know your password is
>
>
>
>
>
>
> Is there a way to make sure apache doesn't set the $SERVER['PHP_AUT
Thanks for the response. I basically have an environment analogous to an
internal ISP. A lot of corporate users that have the ability to make web
pages for the intranet etc. Basically management wants PHP turned off
now because a rogue user could potentially gather and store people's
passwords
Friday, April 30, 2004, 5:37:15 PM, thus was written:
> Hi, Even with register globals off isn't it possible to have a webpage
> like this:
Not sure what you are asking. You can have a webpage like this. And I
guess it even does what it should - print the information.
>
>
>
> Hello,
> I know
Hi, Even with register globals off isn't it possible to have a webpage
like this:
Hello,
I know your password is
Is there a way to make sure apache doesn't set the $SERVER['PHP_AUTH_PW
'] global?
Thanks.
--
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
Pa
I have the following problem, help me please!!!.
php 4.2.2
register globals off
apache 1.3.27
windows 2000
internet explorer 6.0 SP1
I have two archives.
One that handles the code part, as validating form's inputs and inserting in
the data base, and other one is the fill-out form.
Inside of
well, i found my mistake ;)
on windows i forgot to change the name of the .htaccess-files because on
win they couldnt have a extentsion without a name.
So i've named them now only "htaccess" without the dot and it works fine
Frank W. wrote:
it works only if i put it in my httpd.conf - yes allo
Hi Frank,
> > ServerName localhost
> > DocumentRoot /var/www/html/mysite
> > php_value register_globals 0 (or 1 for "on")
>
> it works only if i put it in my httpd.conf - yes
> allowoveride is set to all :/
>
> i'm using apache 1.3.27 on win2k.
Well, you're doing *something* wrong, 'cos it wor
it works only if i put it in my httpd.conf - yes allowoveride is set to
all :/
i'm using apache 1.3.27 on win2k.
Jon Haworth wrote:
> Hi,
>
>
> >Thx for your reply It is working.
>
>
> No probs, glad to help.
>
>
> >I also found from php.net that it's possible
> >to set register_globals to "off"
On Fri, 25 Oct 2002 13:16:27 +0300
Tjoumaidis <[EMAIL PROTECTED]> wrote:
> Hi to Everyone,
> I just want to know if there is a way that i can have register_globals
> On in my php.ini file but for some application i can turn that Off
> perhaps with a .htacces file.
I prefer it Off in php.ini and
Hi,
> Thx for your reply It is working.
No probs, glad to help.
> I also found from php.net that it's possible
> to set register_globals to "off" on a site-by-
> site basis via Apache, thus overriding the "global"
> setting of register_globals in php.ini:
>
>
> ServerName localhost
> Documen
Thx for your reply It is working.
I also found from php.net that it's possible to set register_globals to
"off" on a site-by-site basis via Apache, thus overriding the "global"
setting of register_globals in php.ini:
In httpd.conf:
ServerName localhost
DocumentRoot /var/www/html/mysite
php_va
Hi,
> I just want to know if there is a way that i
> can have register_globals On in my php.ini file
> but for some application i can turn that Off
> perhaps with a .htacces file.
In your .htaccess:
php_flag register_globals on
or
php_flag register_globals off
Manual pages at
http://w
Hi to Everyone,
I just want to know if there is a way that i can have register_globals
On in my php.ini file but for some application i can turn that Off
perhaps with a .htacces file.
Thx for any help.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/
On Monday, July 1, 2002, at 11:30 AM, Adrian Greeman wrote:
> Would it be true to say that every time an example is given where data
> is
> passed on (for forms and so forth) that I can simply replace the
> variable in
> the example with $_POST or $_GET? Or do I have to do more?
Pretty much
AG> I have to understand the new "register globals off" methods and it seems
AG> like a good idea to learn that from the beginning but all the books and
AG> beginners guides gives examples the old way.
give it 3 more weeks and 2nd edition of PHP Fast & Easy will be
out...all register_global u
I am learning PHP with version 4.2. (Win ME, Apache, MySQL) on a PC
I have to understand the new "register globals off" methods and it seems
like a good idea to learn that from the beginning but all the books and
beginners guides gives examples the old way.
Would it be true to say that every
You could leave the setting to ON in your php.ini, and impose OFF on a
per-directory (account, domain, etc) basis with a .htaccess file (or
vice-versa), assuming you have Apache.
This will mean all new clients will have the setting to OFF, and will do
things "the right way" from day 1. It will a
On Sunday 30 June 2002 23:12, PHPCoder wrote:
> Hi
> Going through some literature, it seems like the use of registered
> globals can cause security issues. Now, the dilemma, all my previous PHP
> installations ( for the last year or so ) have come with register
> globals = on in the php.ini file
Hi
Going through some literature, it seems like the use of registered
globals can cause security issues. Now, the dilemma, all my previous PHP
installations ( for the last year or so ) have come with register
globals = on in the php.ini file by default, and users on my system has
happily coded
20 matches
Mail list logo