mirror of
https://github.com/sigmasternchen/php-doc-en
synced 2025-03-16 00:48:54 +00:00
Adding link to register_globals config setting.
git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@58201 c90b9560-bf6c-de11-be94-00142212c4b1
This commit is contained in:
parent
a045868ebc
commit
a522351ce6
2 changed files with 8 additions and 8 deletions
|
@ -1,5 +1,5 @@
|
|||
<?xml encoding="iso-8859-1"?>
|
||||
<!-- $Revision: 1.26 $ -->
|
||||
<!-- $Revision: 1.27 $ -->
|
||||
<chapter id="security">
|
||||
<title>Security</title>
|
||||
|
||||
|
@ -541,9 +541,9 @@ if ($good_login == 1) { // If above test fails, not initialized or checked befor
|
|||
<sect1 id="security.registerglobals">
|
||||
<title>Using Register Globals</title>
|
||||
<para>
|
||||
One feature of PHP that can be used to enhance security is
|
||||
configuring PHP with register_globals = off. By turning off
|
||||
the ability for any user-submitted variable to be injected
|
||||
One feature of PHP that can be used to enhance security is configuring PHP with
|
||||
<link linkend="ini.register-globals">register_globals</link> = off.
|
||||
By turning off the ability for any user-submitted variable to be injected
|
||||
into PHP code, you can reduce the amount of variable
|
||||
poisoning a potential attacker may inflict. They will have
|
||||
to take the additional time to forge submissions, and your
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
<?xml encoding="iso-8859-1"?>
|
||||
<!-- $Revision: 1.26 $ -->
|
||||
<!-- $Revision: 1.27 $ -->
|
||||
<chapter id="security">
|
||||
<title>Security</title>
|
||||
|
||||
|
@ -541,9 +541,9 @@ if ($good_login == 1) { // If above test fails, not initialized or checked befor
|
|||
<sect1 id="security.registerglobals">
|
||||
<title>Using Register Globals</title>
|
||||
<para>
|
||||
One feature of PHP that can be used to enhance security is
|
||||
configuring PHP with register_globals = off. By turning off
|
||||
the ability for any user-submitted variable to be injected
|
||||
One feature of PHP that can be used to enhance security is configuring PHP with
|
||||
<link linkend="ini.register-globals">register_globals</link> = off.
|
||||
By turning off the ability for any user-submitted variable to be injected
|
||||
into PHP code, you can reduce the amount of variable
|
||||
poisoning a potential attacker may inflict. They will have
|
||||
to take the additional time to forge submissions, and your
|
||||
|
|
Loading…
Reference in a new issue