info/php-the-right-way
1
0
Fork 0
mirror of https://github.com/codeguy/php-the-right-way.git synced 2025-08-06 22:16:34 +02:00
Code Issues Projects Releases Wiki Activity

Merge pull request #833 from glebocki/register-globals-grammar

Browse Source 
Improved grammar in Register Globals
This commit is contained in:
Josh Lockhart
2019-10-01 08:05:09 -04:00
committed by GitHub
parent 3ebe678af0 f10f09a279
commit 7b35bad44b
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
_posts/10-06-01-Register-Globals.md
View File

@@ -8,11 +8,12 @@ anchor: register_globals
**NOTE:** As of PHP 5.4.0 the `register_globals` setting has been removed and can no longer be used. This is only **NOTE:** As of PHP 5.4.0 the `register_globals` setting has been removed and can no longer be used. This is only
included as a warning for anyone in the process of upgrading a legacy application. included as a warning for anyone in the process of upgrading a legacy application.
When enabled, the `register_globals` configuration setting that makes several types of variables (including ones from When enabled, the `register_globals` configuration setting makes several types of variables (including ones from
`$_POST`, `$_GET` and `$_REQUEST`) available in the global scope of your application. This can easily lead to security `$_POST`, `$_GET` and `$_REQUEST`) available in the global scope of your application. This can easily lead to security
issues as your application cannot effectively tell where the data is coming from. issues as your application cannot effectively tell where the data is coming from.
For example: `$_GET['foo']` would be available via `$foo`, which can override variables that have not been declared. For example: `$_GET['foo']` would be available via `$foo`, which can override variables that have been declared.
If you are using PHP < 5.4.0 __make sure__ that `register_globals` is __off__. If you are using PHP < 5.4.0 __make sure__ that `register_globals` is __off__.
* [Register_globals in the PHP manual](https://secure.php.net/security.globals) * [Register_globals in the PHP manual](https://secure.php.net/security.globals)