Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 8 Oct 2004 20:58:38 -0700 (PDT)
From:      "Richard Lynch" <ceo@l-i-e.com>
To:        "Alan Curtis" <acurtis@ieee.org>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: phpwiki
Message-ID:  <2545.24.148.51.115.1097294318.squirrel@www.l-i-e.com>
In-Reply-To: <44A1FD0A-1931-11D9-A663-000A959EB894@ieee.org>
References:   <2D8BB15C7B5C214F81C32D3A83B3273601676FB9@idbexc01.americas.cpqcorp.net> <EB7AA45A-17CB-11D9-897B-000A959EB894@ieee.org> <41644861.1060000@wingfoot.org> <44A1FD0A-1931-11D9-A663-000A959EB894@ieee.org>

next in thread | previous in thread | raw e-mail | index | archive | help
Alan Curtis wrote:
> 7. followed the instructions at
> http://phpwiki.sourceforge.net/phpwiki/FrequentlyAskedQuestions
> and added
>
> foreach ($_REQUEST as $k => $v) $$k = $v;

At this point, you might as well use .htaccess to turn register_globals
back "ON" for phpwiki, since you have effectively un-done the security of
turning register_globals "OFF" for this application...

Or fix the Wiki to *NOT* rely on register_globals in the first place.

You can find more info about this issue by searching on http://php.net for
register_globals

-- 
Like Music?
http://l-i-e.com/artists.htm



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2545.24.148.51.115.1097294318.squirrel>