Re: FN-FORUM: Register globals on or off??

date posted 8th May 2007 20:49

> Surely not a good thing?

Agreed.

> The only reason I ask is that I never have register globals on.
> However, this site wasn't done by an amature so I am starting to doubt
> whether my thoughts on site security are entirely accurate.

Register_globals allows people to write "sloppy" code, which is easier
than writing rigorous code. This doesn't mean that there will be security
problems, but you have to be more careful to avoid them.

Turning register_globals off means you have to think a bit more about what
you're doing, and perhaps write a little more code. Makes the coding
slightly more difficult, but helps make more secure code. A major benefit
is that the code is more easily maintained by other developers, as it's
clearer where inputs are coming from.

Anthony
--
www.fonant.com - Quality web sites