suckablesausage Posted March 27, 2006 Share Posted March 27, 2006 I was reading on the forum. Some people were getting flamed for asking about the register_globals function. They were getting scolded and told to have it OFF. PERIOD. Is it that bad? Unsafe? $_GET, $_POST <<--- arre those going to be disabled in PHP6? What are other methods of transferring variables if those are going to get disabled. I want to have my URL like this..[a href=\"http://www.me.com/index.php?food=chicken&drink=beer\" target=\"_blank\"]http://www.me.com/index.php?food=chicken&drink=beer[/a][a href=\"http://www.me.com/index.php?food=fish&drink=gatorade\" target=\"_blank\"]http://www.me.com/index.php?food=fish&drink=gatorade[/a][a href=\"http://www.me.com/index.php?food=people&drink=blood\" target=\"_blank\"]http://www.me.com/index.php?food=people&drink=blood[/a]ya know? does register globals have to be on? im hosting a game server website. would it lower the security? everyone says i'd get hacked? i dont understand. on my [a href=\"http://mubalamban.zapto.org/\" target=\"_blank\"]http://mubalamban.zapto.org/[/a] website, i use $_post alot. is it bad? someone please help me Quote Link to comment Share on other sites More sharing options...
azuka Posted March 27, 2006 Share Posted March 27, 2006 Don't worry -- $_GET and $_POST will still work. When register_globals() is on, then for page.php?id=0, inside your code you can just say $id instead of $_GET['id']. That way, it declares all variables in the superglobals ($_ENV,$_GET,$_POST,$_REQUEST,$_SESSION). It's obvious why it's bad. Quote Link to comment Share on other sites More sharing options...
suckablesausage Posted March 28, 2006 Author Share Posted March 28, 2006 haha cool man. hey i visited your blog. nice site. i saw your pictures bro. anyway. man i read the sticky on the top of the forum relating to my issue but the link is down or something. do you think you can show me a site with tutorials or what posts that could help me? it would help me a lot :) im still confused what you mean by the $_GET['id'] :( is there any safe way ? any method you would use azuka? Quote Link to comment Share on other sites More sharing options...
shoz Posted March 28, 2006 Share Posted March 28, 2006 Read through this [a href=\"http://phpsec.org/projects/guide/\" target=\"_blank\"]security guide[/a]. In particular the section dealing with register globals Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.