On Wed, 4 Jun 2003, Jay Blanchard wrote: > [snip] > Have register globals set to ON is one way of leaving your script open > to being exploitable. > [/snip] > > Please explain this, how does it make it more exploitable? I think that > this is only true if the code is sloppy.
Correct, if you properly initialize your internal variables there is nothing insecure about leaving register_globals on. -Rasmus -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php