Thanks, I'll check that out. I just read in a forum that if you put a php.ini in the home directory (I assume DocumentRoot) that PHP reads that one first. Seems like a security risk to do so. See http://www.go4expert.com/forums/showthread.php?t=397 could that be so? Thanks, Keith Edward Norton wrote: On 1/1/07, keith smith wrote: Thank you for sharing this information. If one is on shared hosting there is not way to turn off registered globals via the php.ini ... Am I correct so far? I seem to recall there is some code when added to one's code that it will over ride this. I this correct, and if so can you explain it. I looked on google and could not find it... Thanks, Keith Correct, on shared hosting, one cannot modify the php.ini file. However, you can add "php_flag register_globals off" to your root .htaccess file. --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change you mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss Keith Smith A link from my website to yours Submit Your Metro Phoenix Website __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com