Geeklog Forums

I just installed geeklog 1.3.7sr1 and it seems to be working except that I can not edit stories, event, users, anything. As Admin I edit a story from story.php. After I click on the story number the page doesn't change but the url now has mode=edit and the sid set. I looked at the code and it apears that those vars are never getting set with $HTTP_GET_VARS. This also seems to be the case just about everywhere. Am I missing something? andy

Make sure you have register_globals=on in you php.ini file. The install script should have warned you about this, though ... bye, Dirk

Any reason to require register_globals? It's a huge source of security holes in php apps, and completely unnecessary. The code seems to pull POST vars from the correct place, but depends on register_globals for GET vars. Why the discrepancy there? I'd be more than happy to make the changes necessary to get this to work without register_globals, if you'd like. But I don't want to edit my copy and have to do it all over again every time I upgrade...

Please do a search on this topic as this has been discussed to death already ... In short: Geeklog 1.3 will require register_globals=on. Period. Work on Geeklog 2 has already started which will be designed from the ground up not to rely on register_globals being on. Also, the security issues imposed be register_globals=on are greatly exaggerated, IMO. It is possible to write secure software with this setting. Just because there are a lot of insecure scripts out there doesn't mean that every PHP script is insecure ... bye, Dirk