Three-Tier Development with PHP 5
Subject:   use _POST for x, y, z
Date:   2005-03-14 12:08:48
From:   eriksays
Response to: use _POST for x, y, z

no no no no.

register_globals = ON is a SERIOUS SECURITY VIOLATION that can allow a user to hijack the session data with their own variables.

keep register_globals = OFF and just use $_POST or $_GET to grab your form variables.

Full Threads Oldest First

Showing messages 1 through 1 of 1.

  • use .htaccess for x, y, z
    2006-06-09 02:56:40  goa103 [View]

    I second your remark but for this article it's possible to avoid modifying a single line of code by using a simple .htaccess file with the following lines in it :
    php_flag magic_quotes_gpc off
    php_flag register_globals on