Jump to content

error with auto install

Ninjakreborn

By Ninjakreborn
in PHP Coding Help

 Share

Recommended Posts

Ninjakreborn Prolific Member

Ninjakreborn

Posted
Posted
I am having a major problem, I know enough about php to know register globals is a security issue, I tried installing os commerce, and zen shopping cart, one then the other, when I try to go to the admin area I get
[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]
Server Requirement Error: register_globals is disabled in your PHP configuration. This can be enabled in your php.ini configuration file or in the .htaccess file in your catalog directory.
[/quote]
and I won't use something I have to enable register globals on, that is not good, I don't trust either of those if that's the case, and they are popular so I am assuming something is wrong, any ideas.
Link to comment
Share on other sites
poirot Member

poirot

Posted
Posted
They may simply require register_globals to be on, probably because their code wasn't made for register_globals off and they're too lazy to modify it :lol:

But since register_globals is PHP_INI_PERDIR:
[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]Entry can be set in php.ini, .htaccess or httpd.conf [/quote]
So you can install the script in some directory and set register_globals on only in that dir
Link to comment
Share on other sites
Ninjakreborn Prolific Member

Ninjakreborn

Posted
  • Author
Posted
isn't that a bad idea, for security purposes though. I didn't think it would be at first, but I have heard some really bad things about using register_globals, and the bad thing is, I had this error message with OC Commerce, and Zen Shopping cart, and there 2 of the most popular that is what is confusing me.
Link to comment
Share on other sites
poirot Member

poirot

Posted
Posted
Yes, bad things can happen if someone codes a script that relies on register_globals AND has some vulnerability caused by it. But this doesn't mean these scripts are not secure enough.

If you think ZenCart and OSCommerce guys can create a safe script, enable it PER DIR. Else, don't install the scripts and try to find something else.
Link to comment
Share on other sites
Ninjakreborn Prolific Member

Ninjakreborn

Posted
  • Author
Posted
Or can't I just download them, since there open source, and play with there php programming until I situate it to where they work with register globals on, it shouldn't take long to change all the variable with the proper $_POST, $_GET and whatever else is needed.
Link to comment
Share on other sites
  • 1 month later...
Advancewebsoft Newbie

Advancewebsoft

Posted
Posted
Hello,

A register_globals=on is not a security issue for Oscommerce. Especially for Ms2.2 version. It have some vulnerabilites, of course,
but very very low (i.e. someone could steal customers info - name, surname, telephone) - also not so easy. And thats all, no security leaks within register_globals. But if you wish to use register_globals=OFF besides, you could use one of the contributions made for this, search a community/ contributions of the official oscommerce site, or wait until MS3 release will be out - it will have this support.
Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.