Do you know what the security problems are? Do you realise that having register_globals on or off isn't the security problem, it's how you write your code? If you're not going to change any of your code, just turn on register_globals. Changing your code to _POST or _GET and doing nothing else isn't making it any more secure that using it the way it is with register_globals on.
---John Holmes... ----- Original Message ----- From: "Kurth Bemis (List Monkey)" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, May 25, 2002 3:23 PM Subject: [PHP] 4.2.1 Vars > > After moving to php 4.2.1 my scripts that use xxx.php?blah=4 fail to work. > > I know that i need to turn register_globals on in my config, however I know > that there are security problems with this. So bascially I need to know > how to make 500+ scripts work without editing a bunch of files to make it > so that all my get and post vars start with $_POST and $_GET > > any ideas? > > ~kurth > > Kurth Bemis - Network/Systems Administrator, USAExpress.net/Ozone Computer > > Security is like an arms race; the best attackers will continue to search > for more complicated exploits, so we will too. > Quoted from http://www.openbsd.org/security.html > > [EMAIL PROTECTED] | http://kurth.hardcrypto.com > PGP key available - http://kurth.hardcrypto.com/pgp > > Fight Weak Encryption! Donate your wasted CPU cycles to Distributed.net > (http://www.distributed.net) > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
