On Monday 23 April 2001 11:56, Greig, Euan wrote:
> I have read in several places that is dangerous to have register_globals
> on, but I have not understood the (short) explanations given. Can anyone
> enlighten me?
keep it a rule to either unset any variable that you use or set them with a
default value. how awfully nice register_globals is, I've started to be more
aware and use of HTTP_POST_VARS and HTTP_GET_VARS in case someone get a wild
idea to abuse some of my products. they might get some dangerous stuff, I
can't imagine their fantasy so I just let them have as little chance as
possible :)
--
php developer / CoreTrek AS | TV is chewing gum for the eyes. --
Sandnes / Rogaland / Norway | Frank Lloyd Wright
web: http://www.moijk.net/ |
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]