You are here: RE: [suspicious - maybe spam] [PHP] [suspicious - maybe spam] RE: Issues with News sites again... « PHP « IT news, forums, messages
RE: [suspicious - maybe spam] [PHP] [suspicious - maybe spam] RE: Issues with News sites again...

Posted by Jay Blanchard on 09/14/05 17:46

[snip]
I would be very worried about the quality of any reply that posts a link
that says the opposite of what the person is saying. Nowhere in that link
did I see them say that turning on the globals was a security issue. The
page said the misuse of the globals was the security risk due to forgetting
to initialize variables and then goes on to show examples of the issue risks

if the globals aren't properly initialized. The security issues fall on the
web designer not the ISP or PHP, ISP and PHP doesn't control if I forget to
initialize something in my PHP scripts. The first two paragraphs even state
that it is a web designer's problem (not in so many words though).
[/snip]


At the risk of starting another globals holy war, the reply that you
received was a generalization that reflects the potential (<---- NOTE THAT)
security risks from having register globals 'on'. The poster was essentially
correct, misuse of globals opens up a whole can of potential security
issues. I will refer you to several good PHP security resources at
http://www.shiflett.org

 

Navigation:

[Reply to this message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация