On Tue, 2003-03-25 at 10:03, S.C. Gehl wrote: > No, root used words like "fucking no way in hell"
Hmm... I'd call this simply paranoia. All previous PHP releases have been register_globals On anyway. And besides, it is stupid to not reset new variables before usage anyway, and that is as far as I know the only security risk in register_globals. I think Rasmus Lerdorf (or some other original PHP core dev) said in an interview that the decision with register_globals in new PHP versions was overreacting. > Can i simply change the variables, to the pre-defined global variables > such as... > $HTTP_SERVER_VARS > change strings like this to: > $_SERVER > is this all it takes? Yes, but there is quite a bunch of code where this needs to be done. Let me know if you succeed, though. I would be happy to receive patch for this to Aegir CMS ;-) /Bergie -- Henri Bergius [EMAIL PROTECTED] Consultant Partner Tel: +358-20-198 6032 Nemein Oy http://www.nemein.com/ Nemein.Net -- Project tracking solution for consulting companies http://www.nemein.com/Nemein.Net/ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
