Sebastian wrote:
if the script isn't that big you can probably use extract() in most
cases..
NOTE: Using extract() blindly import all the variables in
$_GET/$_POST/$_REQUEST is no more safe than register_globals being ON
Don't get a false sense of Security
Also, it would be rather tricky for
Yes and no...
Here's what the manual has to say about this...Basically, you can't do
it using ini_set, but you can do it using an htaccess file.
http://us2.php.net/manual/en/ini.sect.data-handling.php#ini.register-globals
register_globals boolean
Whether or not to register the EGPCS
On Tue, 21 Dec 2004 14:56:03 -0500, Jerry Swanson [EMAIL PROTECTED] wrote:
I know that register_globals = on is not secure. But one program
requires to use register_globals=on. So in php.ini register_globals is
set to on.
I have PHP 5.1, is it possible in the code set register_globals=off
I know that register_globals = on is not secure. But one program
requires to use register_globals=on. So in php.ini register_globals is
set to on.
I have PHP 5.1, is it possible in the code set register_globals=off
for specific scripts.
So I want to keep PHP register_globals=on in
if the script isn't that big you can probably use extract() in most cases..
is the script in its own directory? if so you can turn register globals on
just for that one directory..
create an .htaccess file and add:
php_value register_globals on
then place the .htaccess in the directory where the
From: Jerry Swanson [EMAIL PROTECTED]
I know that register_globals = on is not secure.
bah... you can write secure scripts with it on or off. having it off by default
simply helps to lessen some of the security issues that new programmers may not
be aware of.
But one program
requires to
6 matches
Mail list logo
