sigmasternchen/php-doc-en
1
0
Fork 0
mirror of https://github.com/sigmasternchen/php-doc-en synced 2025-03-16 00:48:54 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Adding link to register_globals config setting.

Browse source 
git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@58201 c90b9560-bf6c-de11-be94-00142212c4b1
This commit is contained in:
Philip Olson 2001-09-24 17:56:35 +00:00
parent a045868ebc
commit a522351ce6
2 changed files with 8 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
chapters/security.xml
View file

@ -1,5 +1,5 @@
<?xml encoding="iso-8859-1"?>
<!-- $Revision: 1.26 $ -->
<!-- $Revision: 1.27 $ -->
<chapter id="security">
<title>Security</title>
@ -541,9 +541,9 @@ if ($good_login == 1) { // If above test fails, not initialized or checked befor
<sect1 id="security.registerglobals">
<title>Using Register Globals</title>
<para>
One feature of PHP that can be used to enhance security is
configuring PHP with register_globals = off. By turning off
the ability for any user-submitted variable to be injected
One feature of PHP that can be used to enhance security is configuring PHP with
<link linkend="ini.register-globals">register_globals</link> = off.
By turning off the ability for any user-submitted variable to be injected
into PHP code, you can reduce the amount of variable
poisoning a potential attacker may inflict. They will have
to take the additional time to forge submissions, and your

8
security/index.xml
View file

@ -1,5 +1,5 @@
<?xml encoding="iso-8859-1"?>
<!-- $Revision: 1.26 $ -->
<!-- $Revision: 1.27 $ -->
<chapter id="security">
<title>Security</title>
@ -541,9 +541,9 @@ if ($good_login == 1) { // If above test fails, not initialized or checked befor
<sect1 id="security.registerglobals">
<title>Using Register Globals</title>
<para>
One feature of PHP that can be used to enhance security is
configuring PHP with register_globals = off. By turning off
the ability for any user-submitted variable to be injected
One feature of PHP that can be used to enhance security is configuring PHP with
<link linkend="ini.register-globals">register_globals</link> = off.
By turning off the ability for any user-submitted variable to be injected
into PHP code, you can reduce the amount of variable
poisoning a potential attacker may inflict. They will have
to take the additional time to forge submissions, and your