 |
 |
 |
 |
|
|
Date: 07/28/01
- Next message: f.lamonica <email protected>: "[PHP-DEV] Bug #12451: compilation halts on libmysql extension"
- Previous message: Zeev Suraski: "Re: [PHP-DEV] Security Issues"
- In reply to: Zeev Suraski: "Re: [PHP-DEV] Security Issues"
- Next in thread: Ramsi Sras: "Re: [PHP-DEV] Security Issues"
- Reply: Ramsi Sras: "Re: [PHP-DEV] Security Issues"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hey,
I thought of an idea yesterday which could make everyone happy. In the
default php.ini we set the register_globals to a new value "unset". If PHP
runs with this INI value it will display a page telling you that you need
to define the register_globals option in your php.ini and explains the
pros/cons & security concerns involved (IMO we should recommend
register_globals=off). This way we won't break existing sites which already
have php.ini and we have an easy way to feed new users w/ the required
information.
Of course, I still think we should think of a nicer way to access form
variables such as $_FORM[] in order to make it easier for the developer.
Andi
-- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: php-dev-unsubscribe <email protected> For additional commands, e-mail: php-dev-help <email protected> To contact the list administrators, e-mail: php-list-admin <email protected>
- Next message: f.lamonica <email protected>: "[PHP-DEV] Bug #12451: compilation halts on libmysql extension"
- Previous message: Zeev Suraski: "Re: [PHP-DEV] Security Issues"
- In reply to: Zeev Suraski: "Re: [PHP-DEV] Security Issues"
- Next in thread: Ramsi Sras: "Re: [PHP-DEV] Security Issues"
- Reply: Ramsi Sras: "Re: [PHP-DEV] Security Issues"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]