[snip] On Wed, 4 Jun 2003, Jay Blanchard wrote: > [snip] > Have register globals set to ON is one way of leaving your script open
> to being exploitable. [/snip] > > Please explain this, how does it make it more exploitable? I think > that this is only true if the code is sloppy. Correct, if you properly initialize your internal variables there is nothing insecure about leaving register_globals on. [/snip] Then why has there been such a big deal about register_globals security? Is it because so much code is sloppy? Thanks! Jay -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php