diff --git a/chapters/security.xml b/chapters/security.xml index 9d48aeb8ba..8836f1a7bb 100644 --- a/chapters/security.xml +++ b/chapters/security.xml @@ -1,5 +1,5 @@ - + Security @@ -541,9 +541,9 @@ if ($good_login == 1) { // If above test fails, not initialized or checked befor Using Register Globals - One feature of PHP that can be used to enhance security is - configuring PHP with register_globals = off. By turning off - the ability for any user-submitted variable to be injected + One feature of PHP that can be used to enhance security is configuring PHP with + register_globals = off. + By turning off the ability for any user-submitted variable to be injected into PHP code, you can reduce the amount of variable poisoning a potential attacker may inflict. They will have to take the additional time to forge submissions, and your diff --git a/security/index.xml b/security/index.xml index 9d48aeb8ba..8836f1a7bb 100644 --- a/security/index.xml +++ b/security/index.xml @@ -1,5 +1,5 @@ - + Security @@ -541,9 +541,9 @@ if ($good_login == 1) { // If above test fails, not initialized or checked befor Using Register Globals - One feature of PHP that can be used to enhance security is - configuring PHP with register_globals = off. By turning off - the ability for any user-submitted variable to be injected + One feature of PHP that can be used to enhance security is configuring PHP with + register_globals = off. + By turning off the ability for any user-submitted variable to be injected into PHP code, you can reduce the amount of variable poisoning a potential attacker may inflict. They will have to take the additional time to forge submissions, and your