From a522351ce6c443c446b88cb6740f20bcefab4cca Mon Sep 17 00:00:00 2001 From: Philip Olson Date: Mon, 24 Sep 2001 17:56:35 +0000 Subject: [PATCH] Adding link to register_globals config setting. git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@58201 c90b9560-bf6c-de11-be94-00142212c4b1 --- chapters/security.xml | 8 ++++---- security/index.xml | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/chapters/security.xml b/chapters/security.xml index 9d48aeb8ba..8836f1a7bb 100644 --- a/chapters/security.xml +++ b/chapters/security.xml @@ -1,5 +1,5 @@ - + Security @@ -541,9 +541,9 @@ if ($good_login == 1) { // If above test fails, not initialized or checked befor Using Register Globals - One feature of PHP that can be used to enhance security is - configuring PHP with register_globals = off. By turning off - the ability for any user-submitted variable to be injected + One feature of PHP that can be used to enhance security is configuring PHP with + register_globals = off. + By turning off the ability for any user-submitted variable to be injected into PHP code, you can reduce the amount of variable poisoning a potential attacker may inflict. They will have to take the additional time to forge submissions, and your diff --git a/security/index.xml b/security/index.xml index 9d48aeb8ba..8836f1a7bb 100644 --- a/security/index.xml +++ b/security/index.xml @@ -1,5 +1,5 @@ - + Security @@ -541,9 +541,9 @@ if ($good_login == 1) { // If above test fails, not initialized or checked befor Using Register Globals - One feature of PHP that can be used to enhance security is - configuring PHP with register_globals = off. By turning off - the ability for any user-submitted variable to be injected + One feature of PHP that can be used to enhance security is configuring PHP with + register_globals = off. + By turning off the ability for any user-submitted variable to be injected into PHP code, you can reduce the amount of variable poisoning a potential attacker may inflict. They will have to take the additional time to forge submissions, and your