PHP question
John Abreau
abreauj at gmail.com
Fri Mar 30 11:58:54 EDT 2007
On 3/30/07, Nathan Meyers <nmeyers at javalinux.net> wrote:
> As I vaguely recall, some variables access patterns changed for security
> reasons - you could no longer request them by their naked property names
> but instead as elements of a properties hash. There is probably a global
> PHP configuration flag to reenable the old behavior for pages that are
> written to rely on it.
>
The old behavior is dangerous, and would leave the website
vulnerable to compromise in the presence of sloppy PHP code.
So enabling the old behavior is not an option.
--
John Abreau / Executive Director, Boston Linux & Unix
GnuPG KeyID: 0xD5C7B5D9 / Email: abreauj at gmail.com
GnuPG FP: 72 FB 39 4F 3C 3B D6 5B E0 C8 5A 6E F1 2C BE 99
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the Discuss
mailing list