Posted by Ruben van Engelenburg on 01/11/07 15:43

Michael Fesser wrote:
> .oO(Dave Nash)
>
>> regsiter globals is set to 'off' on the live server.
>> Ive just changed it using .htaccess and it works fine now.
>
> You should fix your script instead! It's broken and insecure, providing
> an easy way to wreak havoc on your database.
>
> Micha

I have to agree with Micha on this. Never set register_globals to on and
fix the script instead. This way your script is a portal for database abuse.

Ruben.

[Back to original message]