[Project_owners] Mozdev.org PHP 5 upgrade; update code for register_globals = off
mycroft.mozdev.org at googlemail.com
Sat Jan 12 18:46:18 PST 2008
I hope I've got something wrong...
I tried the php snippet above in a testing directory which seems to be
echo $$__v, " | ", $__v, " | ", $__sg, "\n";
before the unset() line seems to suggest that a lot of the Mozdev internals
like $page are also scrubbed - I didn't get any output at all from the page
I was trying to load.
(I was trying to test:
) where I thought I was expecting the latter to work but the former not to.
More generally, if I read
http://uk.php.net/manual/en/language.variables.predefined.php correctly then
$_GET['foo'] is okay (this wasn't what I understood from the original
message) but $REMOTE_ADDR has to be replaced by $_SERVER['REMOTE_ADDR'] It
also seems to suggest $HTTP_*_VARS is acceptable (though discouraged) given
the default value of register_long_arrays.
Have I entirely misunderstood what's changing / what's required?
All the best,
On 10/01/2008, Arturo 'Buanzo' Busleiman <buanzo at buanzo.com.ar> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
> Douglas E. Warner wrote:
> | One of the biggest changes that will come about with this change is that
> | register_globals flag will be set to "off". This will have wide impact
> I'd love to see suhosin installed, and allow_url_fopen = Off in php.net be
> set, too! Properly
> tunned, suhosin can be a WONDERFUL thing for mod_php.
> - --
> Arturo "Buanzo" Busleiman
> BUSCO Baterista para estilo brit-pop Zona Norte BsAs
> Independent Security Consultant - SANS - OISSG
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> -----END PGP SIGNATURE-----
> Project_owners mailing list
> Project_owners at mozdev.org
Mycroft Project Owner
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Project_owners