Whats best :
register_globals ON ?
OR
register_globals OFF ?
I currently use:
$_POST
$_GET
$_REQUEST
Does On or Off make any major difference ?
Thanks 4 12375
"Nel" <ne***@ne14.co.NOSPAMuk> wrote in message
news:PF*********************@stones.force9.net... <Frank @ MyPlace.Com (Frank)> wrote in message news:3f****************@news.btclick.com... Whats best :
register_globals ON ?
OR
register_globals OFF ?
I currently use: $_POST $_GET $_REQUEST
Does On or Off make any major difference ?
Thanks
If you program with register_globals OFF you only need to make sure you don't leave any uninitialised variables that can be abused by hackers.
Whether it's on or off you will still need to validate any user input, so I perfer register_globals OFF, as it saves having to prefix all my variables with $_POST etc.
If, on the other hand, you are worried that you may forget to initialise your variables, then go for register_globals ON.
Nel
or vice versa ? I think you mean on when you said off, off when you said on.
Nel wrote: Whether it's on or off you will still need to validate any user input, so I perfer register_globals OFF, as it saves having to prefix all my variables with $_POST etc.
If, on the other hand, you are worried that you may forget to initialise your variables, then go for register_globals ON.
You mean the other way around here (on -> off, off -> on), but you shoudl
really use $_POST/GET/REQUEST (REQUEST is my preference) anyway, as your
projects increase in size you will quickly end up in a situation where it's
not clear wether a variable, $foononny you are using (and wrote 2 months
ago) is from a get/post or a locally generated (global) variable - using
$_GET/POST/REQUEST makes it perfectly clear.
--
James Sleeman
Gogo:Code, http://www.gogo.co.nz/
PHP & Coldfusion Programming Services
Email domain : gogo.co.nz see user in from header!
James Sleeman wrote: Nel wrote:
Whether it's on or off you will still need to validate any user input, so I perfer register_globals OFF, as it saves having to prefix all my variables with $_POST etc.
If, on the other hand, you are worried that you may forget to initialise your variables, then go for register_globals ON.
You mean the other way around here (on -> off, off -> on), but you shoudl really use $_POST/GET/REQUEST (REQUEST is my preference) anyway, as your projects increase in size you will quickly end up in a situation where it's not clear wether a variable, $foononny you are using (and wrote 2 months ago) is from a get/post or a locally generated (global) variable - using $_GET/POST/REQUEST makes it perfectly clear.
Why would you use $_REQUEST if you had control over the form generating the
request? Using $_REQUEST means that there are twice the number of checks for
PHP to do when parsing the data (it has to see whether the key exists in the
post data and in the get data) and it makes it easier for people to screw
around with input...
Whoops! The sinility must really be kicking in! ;-)
Thanks. Nel
"James Sleeman" <ja***@seeMessageForDomain.moc> wrote in message
news:Yz*******************@news02.tsnz.net... Nel wrote:
Whether it's on or off you will still need to validate any user input,
so I perfer register_globals OFF, as it saves having to prefix all my variables with $_POST etc.
If, on the other hand, you are worried that you may forget to initialise your variables, then go for register_globals ON. You mean the other way around here (on -> off, off -> on), but you shoudl really use $_POST/GET/REQUEST (REQUEST is my preference) anyway, as your projects increase in size you will quickly end up in a situation where
it's not clear wether a variable, $foononny you are using (and wrote 2 months ago) is from a get/post or a locally generated (global) variable - using $_GET/POST/REQUEST makes it perfectly clear.
-- James Sleeman Gogo:Code, http://www.gogo.co.nz/ PHP & Coldfusion Programming Services Email domain : gogo.co.nz see user in from header! This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: John |
last post by:
Hello.
I am a newbie to PHP. I am over halfway through my first book that
I'm learning with and have just created login pages etc.
I just wondered, if I am running php/mysql/apache locally,...
|
by: wonder |
last post by:
Hi,
The CRM application said that need to add an option
"REGISTER_GLOBALS=On" to the php.ini file, so I did what it told.
But I still can't get rid off the following error:
The PHP variable...
|
by: lian |
last post by:
Hi all,
I have installed a web-based software written in php which needs
that i should turn "register_globals" from off to on in the php.ini.
There are some comments for register_globals in...
|
by: Phil Latio |
last post by:
I am newish to PHP and wish to create an authentication system where a new
user is required to validate/complete their sign-up by clicking a link in an
email.
I am probably capable of putting...
|
by: news |
last post by:
You'd think it'd be easier to find the answer to this question.
Did a search, and all I can find is people asking why something's not
working and people replying it's because register_globals is...
|
by: peter |
last post by:
Hi. I am just learning PHP. I'm taking over the website at work,
which is coded in PHP. I am wondering about register_globals. They are
on on the server we use. Is that a threat? I understand...
|
by: peter |
last post by:
I just took over the website at work. I am still learning PHP.
Register_globals are on and the script appears to be coded to take
advantage of this. I know how to recode the script, but am unsure...
|
by: Samuel Shulman |
last post by:
I keep getting the
'FATAL ERROR: register_globals is disabled in php.ini, please enable it!'
error
I changes that settings and I still get this error
What should I do next?
Thank you,...
|
by: Dave |
last post by:
In PHP 4.4, what is the most secure server configuration while keeping
REGISTER_GLOBALS on?
|
by: ryjfgjl |
last post by:
ExcelToDatabase: batch import excel into database automatically...
|
by: isladogs |
last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM).
In this month's session, we are pleased to welcome back...
|
by: Vimpel783 |
last post by:
Hello!
Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
|
by: jfyes |
last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
|
by: PapaRatzi |
last post by:
Hello,
I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
|
by: CloudSolutions |
last post by:
Introduction:
For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
|
by: Shællîpôpï 09 |
last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
|
by: Faith0G |
last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome former...
| |