--- sudheer yakkala <[EMAIL PROTECTED]> wrote:
> I was wondering If I could get applications run with
> register_globals = OFF
Yes, otherwise disabling register_globals would not be the default
behavior chosen. :-)
> I have developed few applications, long back when I
> was using php 4.0.6. All of them worked fine when
> register_globals=ON. But none of the sessions were
> working when I turned off register_globals.
Have you tried $_SESSION['foo'] to get the session variable foo?
> I tried replacing every occurence of global parameter
> with $_SESSION[paramname]..but could not get them
> worked.
Think about this for a moment, and I think you'll see a potential problem.
The register_global directive creates global variables from a number of
sources such as GET, POST, cookies, and sessions.
Now, if you assume that every global variable came only from sessions,
you're most likely going to be wrong, and nothing is going to work the way
you intend. You need to replace your globals with the appropriate value.
Try here for more information:
http://www.php.net/register_globals
Hope that helps.
Chris
=
Chris Shiflett - http://shiflett.org/
PHP Security Handbook
Coming mid-2004
HTTP Developer's Handbook
http://httphandbook.org/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
