Andy Jeffries wrote:
It's not a big risk if you don't code for it being on. The risk comes in
using variables like $page when you should be using $_GET["page"]. The
latter cannot be faked, $page could have been set in any number of ways.
I generally code specifically for it being *off*. e.g.
<?php
/* $loggedin is only ever assigned TRUE; it is never initialised to FALSE. */
if ($_GET['username']=='tom' && $_GET['password']=='secret1')
    $loggedin = TRUE;
elseif ($_GET['username']=='dick' && $_GET['password']=='secret2')
    $loggedin = TRUE;
elseif ($_GET['username']=='harry' && $_GET['password']=='secret3')
    $loggedin = TRUE;
if ($loggedin)
    do_super_secret_stuff();
?>
With register_globals switched *on* a visitor can simply pass ?loggedin=1
and they get the secret stuff. So register_globals on can be a *serious*
security risk.
Luckily you can switch it off easily using, for example, .htaccess:
php_value register_globals off
--
Toby A Inkster BSc (Hons) ARCS
Contact Me ~
http://tobyinkster.co.uk/contact
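The hole described in the post, run end to end, as an added example (not code from the original post or its author). It contains the posted check in its vulnerable form and a hardened form, and exercises both against constructed request parameters. register_globals was removed in PHP 5.4, so its effect is emulated with extract(), which does the same thing (and is the same hazard when applied to $_GET, $_POST or $_REQUEST in real code). The user table, the function names and the request arrays are assumptions for the demonstration.

```php
<?php
// Added example, not code from the original post. Runs the posted login check
// in its vulnerable and hardened forms against constructed query parameters,
// with register_globals emulated by extract() (the directive was removed in
// PHP 5.4). extract($_GET) in real code opens exactly the hole discussed.

// Vulnerable form, as posted: $loggedin is assigned only on a successful match
// and never initialised, so a variable of that name that already exists when
// the check runs (e.g. injected from ?loggedin=1) is trusted.
function vulnerable_check(array $get, bool $register_globals): bool
{
    if ($register_globals) {
        // register_globals=On: every request parameter is already a variable
        // by the time the script body starts. Emulated here.
        extract($get, EXTR_OVERWRITE);
    }
    $username = $get['username'] ?? '';
    $password = $get['password'] ?? '';
    if ($username === 'tom' && $password === 'secret1') {
        $loggedin = TRUE;
    } elseif ($username === 'dick' && $password === 'secret2') {
        $loggedin = TRUE;
    } elseif ($username === 'harry' && $password === 'secret3') {
        $loggedin = TRUE;
    }
    return !empty($loggedin);    // picks up the injected variable if present
}

// Hardened form: the outcome variable is initialised before any input is looked
// at, so nothing that register_globals (or extract) put into scope can be
// mistaken for a result of the check. Input is read only from the request array.
function hardened_check(array $get, bool $register_globals): bool
{
    if ($register_globals) {
        extract($get, EXTR_OVERWRITE);
    }
    $loggedin = FALSE;                       // the one line that closes the hole
    $username = $get['username'] ?? '';
    $password = $get['password'] ?? '';
    // Toy credential table as in the post (assumed values); real code would
    // compare a stored hash with password_verify(), not plaintext.
    $users = ['tom' => 'secret1', 'dick' => 'secret2', 'harry' => 'secret3'];
    if (isset($users[$username]) && hash_equals($users[$username], $password)) {
        $loggedin = TRUE;
    }
    return $loggedin;
}

// Constructed requests: a real login and the ?loggedin=1 forgery from the post.
$legit   = ['username' => 'tom', 'password' => 'secret1'];
$forgery = ['loggedin' => '1'];

printf("vulnerable, register_globals off, real creds : %s\n", vulnerable_check($legit, false)   ? 'in' : 'out');
printf("vulnerable, register_globals off, ?loggedin=1: %s\n", vulnerable_check($forgery, false) ? 'in' : 'out');
printf("vulnerable, register_globals on,  ?loggedin=1: %s\n", vulnerable_check($forgery, true)  ? 'in' : 'out');
printf("hardened,   register_globals on,  ?loggedin=1: %s\n", hardened_check($forgery, true)    ? 'in' : 'out');
printf("hardened,   register_globals on,  real creds : %s\n", hardened_check($legit, true)      ? 'in' : 'out');
```

Run it with `php` on the command line; only the third line, the vulnerable form with register_globals emulated on, lets the forged request in. On a PHP 5.3 or older host the actual setting can be confirmed with `ini_get('register_globals')` or `php -i | grep register_globals`; the .htaccess line in the post works under Apache with mod_php (`php_flag register_globals off` is the equivalent boolean form).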