What you should really be doing is telling your user/client "no, you will not run this insecure code on my systems".
I realise I'm being idealistic rather than realistic, but putting your foot down is the only way people will *stop* relying on register_globals. Ultimately I blame the PHP developers for engineering such a ghastly idea from the get-go... -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB | On Fri, Sep 07, 2007 at 05:55:27PM +0200, Alessandro De Zorzi wrote: > Jani Ollikainen wrote: > > More important part of the manual is: > > http://fi.php.net/manual/en/security.globals.php > > > > For short: Don't use it > > > I agree, but I need set on one for one domain only in restricted area > > Alessandro > > > _______________________________________________ > suPHP mailing list > [email protected] > http://lists.marsching.biz/mailman/listinfo/suphp _______________________________________________ suPHP mailing list [email protected] http://lists.marsching.biz/mailman/listinfo/suphp
