DISQUS

Technosailor: Lessons in Web Security: PHP and register_globals

  • Paige · 4 years ago
    Love the redesign!
  • Aaron · 4 years ago
    Thanks. :)
  • Vinnie Garcia · 4 years ago
    You can also set the register globals flag in Apache via .htaccess:

    php_flag register_globals off

    Though it's better to do this at the php.ini level and not in a PHP script or .htaccess. Sadly though, some hosts just won't turn RG off because some of their customers' systems rely on it.