Variables initialized - does register_globals on matter?

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • peter
    #1

    Variables initialized - does register_globals on matter?

    I have been unsuccessful turning register_global s off. I've tried
    several ideas. I'm thinking it may not be possible with my hosting
    company. If I initialize all variables, using $_POST, does that make
    my script relatively secure?

    Thanks,

    Peter

    Tags: None
    • Chung Leong
      #2
      Re: Variables initialized - does register_global s on matter?

      peter wrote:[color=blue]
      > I have been unsuccessful turning register_global s off. I've tried
      > several ideas. I'm thinking it may not be possible with my hosting
      > company. If I initialize all variables, using $_POST, does that make
      > my script relatively secure?[/color]

      Depends. If variable initializations can be bypassed, then you'll have
      problem. For example, say you're initializing a bunch of global
      variables in config.php. The file is included in index.php, which,
      incidently, includes other files:

      <?

      include("config .php");

      switch($_GET['page']) {
      case 'forum':
      include("forum. php");
      break;
      case 'about':
      include("about. php");
      break;
      }

      ?>

      If forum.php or about.php is accessed directly, then the configuration
      variables wouldn't get initialized.

        Comment

        • peter
          #3
          Re: Variables initialized - does register_global s on matter?

          Oh, I see what you mean. Thanks, Chung!

            Comment

            Previous template Next
            Working...