Jump to content


Photo

error with auto install


  • Please log in to reply
5 replies to this topic

#1 Ninjakreborn

Ninjakreborn
  • Members
  • PipPipPip
  • Information Technology Specialist
  • 3,922 posts
  • Age:33

Posted 30 May 2006 - 02:04 PM

I am having a major problem, I know enough about php to know register globals is a security issue, I tried installing os commerce, and zen shopping cart, one then the other, when I try to go to the admin area I get
[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]
Server Requirement Error: register_globals is disabled in your PHP configuration. This can be enabled in your php.ini configuration file or in the .htaccess file in your catalog directory.
[/quote]
and I won't use something I have to enable register globals on, that is not good, I don't trust either of those if that's the case, and they are popular so I am assuming something is wrong, any ideas.

------

Business Website: http://www.infotechnologist.biz

Personal Website: http://www.joyelpuryear.com

Blog Site: http://www.realmofwriting.com
Services: Web development, application development, mobile development, and custom development. All services listed on my website.


#2 poirot

poirot
  • Members
  • PipPipPip
  • Advanced Member
  • 646 posts
  • LocationAustin, TX

Posted 30 May 2006 - 02:22 PM

They may simply require register_globals to be on, probably because their code wasn't made for register_globals off and they're too lazy to modify it :lol:

But since register_globals is PHP_INI_PERDIR:
[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]Entry can be set in php.ini, .htaccess or httpd.conf [/quote]
So you can install the script in some directory and set register_globals on only in that dir
~ D Kuang

#3 Ninjakreborn

Ninjakreborn
  • Members
  • PipPipPip
  • Information Technology Specialist
  • 3,922 posts
  • Age:33

Posted 30 May 2006 - 02:32 PM

isn't that a bad idea, for security purposes though. I didn't think it would be at first, but I have heard some really bad things about using register_globals, and the bad thing is, I had this error message with OC Commerce, and Zen Shopping cart, and there 2 of the most popular that is what is confusing me.

------

Business Website: http://www.infotechnologist.biz

Personal Website: http://www.joyelpuryear.com

Blog Site: http://www.realmofwriting.com
Services: Web development, application development, mobile development, and custom development. All services listed on my website.


#4 poirot

poirot
  • Members
  • PipPipPip
  • Advanced Member
  • 646 posts
  • LocationAustin, TX

Posted 30 May 2006 - 03:08 PM

Yes, bad things can happen if someone codes a script that relies on register_globals AND has some vulnerability caused by it. But this doesn't mean these scripts are not secure enough.

If you think ZenCart and OSCommerce guys can create a safe script, enable it PER DIR. Else, don't install the scripts and try to find something else.
~ D Kuang

#5 Ninjakreborn

Ninjakreborn
  • Members
  • PipPipPip
  • Information Technology Specialist
  • 3,922 posts
  • Age:33

Posted 31 May 2006 - 07:54 PM

Or can't I just download them, since there open source, and play with there php programming until I situate it to where they work with register globals on, it shouldn't take long to change all the variable with the proper $_POST, $_GET and whatever else is needed.

------

Business Website: http://www.infotechnologist.biz

Personal Website: http://www.joyelpuryear.com

Blog Site: http://www.realmofwriting.com
Services: Web development, application development, mobile development, and custom development. All services listed on my website.


#6 Advancewebsoft

Advancewebsoft
  • New Members
  • Pip
  • Newbie
  • 8 posts

Posted 01 July 2006 - 11:24 PM

Hello,

A register_globals=on is not a security issue for Oscommerce. Especially for Ms2.2 version. It have some vulnerabilites, of course,
but very very low (i.e. someone could steal customers info - name, surname, telephone) - also not so easy. And thats all, no security leaks within register_globals. But if you wish to use register_globals=OFF besides, you could use one of the contributions made for this, search a community/ contributions of the official oscommerce site, or wait until MS3 release will be out - it will have this support.

Best,
Advance Team
Official site http://www.advancewebsoft.com
Oscommerce Solutions: http://www.advancewe...oscommerce.html




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users