[snip]
A client moved their site from a server (unknown details) to a
hosting
facility (php 4.3.2). Now none of the scripts work. I have guessed
that
they are coming from an earlier version of apache/php.
[/snip]
It is likely then that register_globals is set to OFF in the php.ini. In
earlier versions this directive was set to ON. It was a "security issue"
that was more about bad coding than a PHP vulnerability. If you passed a
form field with the name of userName it could be accessed by PHP in the
$userName variable, with RG off you would have to access it via
$_GET['userName'] or $_POST['userName'] dependent upon the processing
method of the form.
[snip]
Also, how bad is the _REQUEST scope I read that "it could not be
trusted"
[/snip]
Again, bad coding would present a danger here.
[snip]
PS. How do you scope queries?
[/snip]
I am not sure what you are asking here. Do you mean making a query
public or private?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
