Posted by Jerry Stuckle on 01/24/08 11:47

alexander.petrov@abv.bg wrote:
> Well, I think it is more prejudice than real danger. If you read more
> carefully my last post I am barely mentioning 2 types of "global"
> variables.
>

You've never had to try to figure out where in 500K LOC a global
variable got changed... Yes, it is a real danger.

> 1. This is the danger one. It can be used if register_globals = On. Of
> course I will never turn it On. The security hole is well known.

Which has nothing to do with global variables, despite the name.

> 2. If we define "global ConfigSettings" this way we can have it
> accessible from everywhere and it is very convenient way to use it
> without passing it as parameter to every function. I do not see any
> danger here. I have read articles like this one
> http://blog.case.edu/gps10/2006/07/22/why_global_variables_in_php_is_bad_programming_practice
>

And it can be set to an invalid value from anywhere. It's a huge problem.

> and reasons like:
> - The downside to using global configuration variables is that they
> can be modified from anywhere in the program
> - All it takes is one unknowing programmer...
> - The reason is that dependence on global object instances limits the
> flexibility of your program
>
> are not serious for me. I already did a workbench using global and
> registry pattern approach and the later is a bit slower, so I would be
> thankful if one can provide me with any info that brings the real
> downside.
>

Not until you have that bug. Or someone else has to work on your code.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

[Back to original message]