Computer science: PHP: the register_globals phenomenon
Self-tutoring about PHP: the tutor looks into the hazard of register_globals.
In PHP, register_globals, when set to 1 (or on), could allow variables to be created and set from within web requests. In particular, if a variable was uninitialized in a function on the server, it could be initialized with a compromising value from a request.
| PHP version | register_globals status |
| <4.2 | default ON |
| ≥4.2 | default OFF |
| 5.3.0 | deprecated |
| 5.4.0 | removed |
For specific purposes, register_globals offered a useful and interesting option. However, its inherent security risk led to its removal from PHP.
Source:
Jack of Oracle Tutoring by Jack and Diane, Campbell River, BC.
Leave a Reply
You must be logged in to post a comment.