Webocreation

Monday, January 4, 2010

The register_globals php.ini Directive Is Disabled

Versions of PHP prior to 4.2 shipped with the php.ini register_globals directive set to 'Yes' by default. This caused submitted parameters ('user' and 'address' in Listing 10.2) to be created as global variables ($user, $address). This functionality is now disabled by default, and register_globals is set to 'No'. You can reverse this yourself by setting register_globals back to 'Yes' in the php.ini file, but use of automatic globals is now actively discouraged because of the potential security risks involved: with the directive enabled, any request parameter can set a variable that the script has not initialized itself.

The superglobal variables $_GET, $_POST, and $_REQUEST are unaffected by the register_globals directive.
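The following added example (not part of the original post) shows why automatic globals are discouraged and what the superglobal-style replacement looks like. Because register_globals was removed entirely in PHP 5.4.0, the legacy behaviour is emulated with extract(); the sample request, is_authenticated(), legacy_page() and hardened_page() are hypothetical names constructed for this illustration.

```php
<?php
// Constructed sample request. Besides 'user' and 'address', the client
// has sent a parameter named after an internal flag of the script.
$request = ['user' => 'alice', 'address' => '1 Main St', 'authorized' => '1'];

// Hypothetical credential check; the sample user does not pass it.
function is_authenticated(string $user): bool
{
    return $user === 'verified-user';
}

// Legacy style: every request parameter becomes a variable before the
// page logic runs, which is what register_globals did implicitly.
function legacy_page(array $request): bool
{
    extract($request); // emulates register_globals (assumption of this example)
    if (is_authenticated($user)) {
        $authorized = true;
    }
    // $authorized is never initialised by the script, so a value that
    // arrived with the request is still present when it is checked.
    return !empty($authorized);
}

// Current style: initialise every flag, then read only the parameters the
// page expects from the request array (standing in for $_GET / $_POST).
function hardened_page(array $request): bool
{
    $authorized = false;
    $user = (isset($request['user']) && is_string($request['user']))
        ? $request['user']
        : '';
    if (is_authenticated($user)) {
        $authorized = true;
    }
    return $authorized;
}

// Compare how each style treats the same request.
var_dump(legacy_page($request));
var_dump(hardened_page($request));
```

When reviewing old code written for register_globals, the variables to look for are those read before the script assigns them, since those are the ones a request parameter could populate.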
