Computer science: PHP: the register_globals phenomenon

Self-tutoring about PHP: the tutor looks into the hazard of register_globals.

In PHP, register_globals, when set to 1 (or on), could allow variables to be created and set from within web requests. In particular, if a variable was uninitialized in a function on the server, it could be initialized with a compromising value from a request.

PHP versionregister_globals status
<4.2default ON
≥4.2default OFF

For specific purposes, register_globals offered a useful and interesting option. However, its inherent security risk led to its removal from PHP.


Jack of Oracle Tutoring by Jack and Diane, Campbell River, BC.

Leave a Reply