Geeklog Forums

The Register Globals issue comes up a fair amount. I can do some basic to intermediate PHP coding and am wondering if I might help eliminate it.

What is required to recode Geeklog so that it runs with RG = off? If the holdup here is just a matter of going through the entire codebase and making a bunch of no-brainer changes, I am willing to do it and then organize a group of folks to test the changes.

Of course of the problem is very complex, then *ahem* nevermind.

The thing is, it's not even documented as no one could predict it would be a problem (at least not documented in the PHP files themselves).

What you need to do is go through every PHP file and change two things:
1) Every "used to be global" parameter into a super global one.
2) Every "old style" super global into a "new style" super global.

The downside is that it can wreck havoc for people with old versions of PHP...then again, there always comes a time when people who don't update are left behind.

Maybe we can turn this topic into a list of such parameters. If anyone who reads this can think of anything, simply list it here.
Oh, and mention whether it belongs to list number one or two.

Here, I'll start:


P.S.
Download Auto Replace for a cool (installation free) freeware that can search and replace in multiple files in one click.

Isn't there a Register Globals off workaround. I remember seeing a little snippet of code one could add that would simulate Register Globals = on. I think it's on here somewhere a search should find it.

http://www.geeklog.net/forum/viewtopic.php?forum=3&showtopic=47358

I think they are talking about completely eliminating the RG for better security.

Sam

register globals are all but gone in cvs version

though many third party plugins are not

---

glFusion - Technology Fused with Style - www.gllabs.org