> >> BTW, if you rewrite a lot some pages, do not hesitate to add the > >> register_globals_off() on top and benefit of the change to have one more > >page > >> compliant. > > >It seems that this function gives the user a way to kill any global > >variable, I don't think that's good. > > (Actually, it is definitely time to brought that up. If you think there's > anything in the coding policy that is not good, it is important to tell it, > not to simply disregard it.)
I had just noticed it. > I dont understand how it would give the user a way to kill anything. The code unsets all variables that the user passes via GET/POST. Therefore is the user passes a GET/POST variable that has the same name than a global variable otherwise used in Savane, the code will unregister it as well. -- Sylvain _______________________________________________ Savane-dev mailing list [email protected] https://mail.gna.org/listinfo/savane-dev
