| Re: Shocking amount of PHP security holes? [message #171132 is a reply to message #171093] |
Mon, 27 December 2010 08:16   |
alvaro.NOSPAMTHANX
Messages: 277
Registered: September 2010
Karma:
|
Senior Member |
|
|
El 24/12/2010 16:46, Thomas Mlynarczyk escribió/wrote:
> Michael Fesser schrieb:
>> The keyword is 'register_globals'. Make sure that it's disabled.
>
> Yes. But actually, why bother? As long as we don't use global variables
> (and they are usually a bad idea), it doesn't matter, does it? And even
> if global variables are used, they should be initialized properly and if
> we forget to do that an E_NOTICE will remind us.
The "register globals" feature has nothing to do with using global
variables or not. You can find further information here:
http://es.php.net/manual/en/security.globals.php
Currently, it's just a source of silly bugs and security holes.
--
-- http://alvaro.es - Álvaro G. Vicario - Burgos, Spain
-- Mi sitio sobre programación web: http://borrame.com
-- Mi web de humor satinado: http://www.demogracia.com
--
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]