Hijacking

[Miss-Ruth]

To prevent PHP form Hijacking it's best to Turn off the register_globals. correct? But some of my applications stop responding when it's turned off. What is the risk? Any solution to avoid the risk?

 

Thanks.

Ruth.

[OldWest]

To prevent PHP form Hijacking it's best to Turn off the register_globals. correct? But some of my applications stop responding when it's turned off. What is the risk? Any solution to avoid the risk?

 

Thanks.

Ruth.

 

register_globals should always be off. Sounds like your scripts were developed some years ago (using php4) because register_globals  was a thing of the past. Its very insecure since you don't need to declare your passed variables. Therefore, it's really easy to pass bad or harmful data through your scripts - and you never know what could go through. You should hire me to upgrade your scripts ; )

[Zurev]

You should hire me to upgrade your scripts ; )

 

Seems like someone changed the hijacking php scripts thread to hijacking the thread into freelance! 

[OldWest]

You should hire me to upgrade your scripts ; )

 

Seems like someone changed the hijacking php scripts thread to hijacking the thread into freelance! 

 

haha! That's funny stuff.

[Miss-Ruth]

$OldWest = $_POST['OldWest']
if($OldWest = strip_tags($OldWest) && htmlentities($OldWest) && utf8_decode($OldWest) &&
stripslashes ($OldWest))
{
echo "lol";
};

 

Thanks Guys!!! GOt it fixed. 

[OldWest]

mark SOLVED!

[Miss-Ruth]

sure... why not!

 

Ruth.