Pantek Library

Hosting Provided By

CybrHost

High Speed Hosting

PHP and "Register_Globals"

From: Ulrich P. <spam(at)wir-sind.org>
Date: Sat Mar 29 2003 - 12:57:42 EST

hello,

newer php-versions have set "register_globals" to "off" by default. i programmed a huge php-project during the last year and didn't start using the global POST and GET-arrays, so if a form contains <input type=text name=age> if use $age in my scripts.

I soon realized the security issues, and wrote my own validation-functions, ... to handle all the XSS and SQL-injection problems.

my question is now: my app is 'safe', but what do I do if my future webhost has register_globals to 'off'?

would it be possible to write a script that registers the whole POST-array as single variables? simply as it used to be in 'older' PHP-versions?

any ideas welcome :)

regards,

Ulrich Received on Sat Mar 29 13:09:56 2003

Do you need help?

This message: [ Message body ]
Next message: Adrian: "Re: PHP and "Register_Globals""
Previous message: Bear Giles: "Re: Passing data between frames"
Next in thread: Adrian: "Re: PHP and "Register_Globals""
Reply: Adrian: "Re: PHP and "Register_Globals""
Reply: shimi: "Re: PHP and "Register_Globals""
Reply: Chris Travers: "Re: PHP and "Register_Globals""
Reply: Nasir Simbolon: "Re: PHP and "Register_Globals""
Reply: Jim McGarvey: "Re: PHP and "Register_Globals""

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:49 EDT

Contact Us Legal Notices Order Services Online
Pantek Home Privacy Policy IT news Site Map Pantek Library