There is also a $_REQUEST variable.
At the risk of starting another flame war: IMHO switching off register globals and relying on $_POST etc can lull you into a false sense of security.
Fernando Melo wrote:
Thanks.
I don't see how this makes it more secure though?
The values are still picked up the same way from a URL
-----Original Message-----
From: Jon Haworth [mailto:[EMAIL PROTECTED] Sent: 13 November 2003 13:28
To: [EMAIL PROTECTED]
Subject: Re: [PHP] register_globals & security
Hi Fernando,
I have a PHP application that passes variables (values) from a form. I get these using $_POST
However I do also post some variables via a link. Which ofcourse requires
register_globals to be ON.
Do you mean variables in a URL, like this: www.example.com/index.php?foo=1&bar=2
If so you can access these via the $_GET array and leave register_globals turned off.
Cheers Jon
-- Raditha Dissanayake. ------------------------------------------------------------------------ http://www.radinks.com/sftp/ | http://www.raditha.com/megaupload Lean and mean Secure FTP applet with | Mega Upload - PHP file uploader Graphical User Inteface. Just 150 KB | with progress bar.
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
