Thread: Security in PHP
View Single Post
  #55 (permalink)  
Old 03-28-2008, 12:02 AM
Jeyaseelansarc Jeyaseelansarc is offline
D-Web Genius
  
Join Date: Mar 2007
Location: Chennai
Posts: 1,162
Jeyaseelansarc is on a distinguished road
Send a message via AIM to Jeyaseelansarc
Default Re: Security in PHP
From the above example When register_globals = on, our logic above may be compromised. When off, $authorized can't be set via request so it'll be fine, although it really is generally a good programming practice to initialize variables first. For example, in our example above we might have first done $authorized = false. Doing this first means our above code would work with register_globals on or off as users by default would be unauthorized.
__________________
With,
J. Jeyaseelan
Everything Possible
Reply With Quote