Hosting Provided By

Re: PHP and "Register_Globals"

From: Chris Travers <chris(at)travelamericas.com>
Date: Sat Mar 29 2003 - 17:18:02 EST

My favorite solution is to write a registration module at the beginning of a file (and use include_once) to extract the cookie/session/Get/Post values in whatever order you want to declare. This can be used to override settings which could also cause unexpected behavior in your application.

See http://www.php.net/manual/en/function.extract.php for more details on the extract command. You can write such a module to your own specifications. This can also be used to prevent non-standard ordering of registering globals from causing unexpected behavior in your application.

Best Wishes,
Chris Travers

Original Message ----- From: "Ulrich P." <spam@wir-sind.org> To: <webappsec@securityfocus.com> Sent: Saturday, March 29, 2003 9:57 AM Subject: PHP and "Register_Globals"

> hello,
problems.
>
> my question is now: my app is 'safe', but what do I do if my future
Received on Sat Mar 29 17:45:32 2003

This message: [ Message body ]
Next message: Jim McGarvey: "Re: PHP and "Register_Globals""
Previous message: shimi: "Re: PHP and "Register_Globals""
In reply to Ulrich P.: "PHP and "Register_Globals""
Next in thread: Nasir Simbolon: "Re: PHP and "Register_Globals""

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:49 EDT