philip Mon Sep 24 13:56:35 2001 EDT
Modified files:
/phpdoc/en/chapters security.xml
Log:
Adding link to register_globals config setting.
Index: phpdoc/en/chapters/security.xml
diff -u phpdoc/en/chapters/security.xml:1.26 phpdoc/en/chapters/security.xml:1.27
--- phpdoc/en/chapters/security.xml:1.26 Fri Sep 21 18:47:30 2001
+++ phpdoc/en/chapters/security.xml Mon Sep 24 13:56:35 2001
@@ -1,5 +1,5 @@
<?xml encoding="iso-8859-1"?>
-<!-- $Revision: 1.26 $ -->
+<!-- $Revision: 1.27 $ -->
<chapter id="security">
<title>Security</title>
@@ -541,9 +541,9 @@
<sect1 id="security.registerglobals">
<title>Using Register Globals</title>
<para>
- One feature of PHP that can be used to enhance security is
- configuring PHP with register_globals = off. By turning off
- the ability for any user-submitted variable to be injected
+ One feature of PHP that can be used to enhance security is configuring PHP with
+ <link linkend="ini.register-globals">register_globals</link> = off.
+ By turning off the ability for any user-submitted variable to be injected
into PHP code, you can reduce the amount of variable
poisoning a potential attacker may inflict. They will have
to take the additional time to forge submissions, and your