Re: PLUG site incident last night

Top Page
Attachments:
Message as email
+ (text/plain)
+ (text/html)
+ (text/plain)
Delete this message
Reply to this message
Author: keith smith
Date:  
To: Main PLUG discussion list
Subject: Re: PLUG site incident last night
Thanks, I'll check that out. I just read in a forum that if you put a php.ini in the home directory (I assume DocumentRoot) that PHP reads that one first.

Seems like a security risk to do so.

See http://www.go4expert.com/forums/showthread.php?t=397

could that be so?

Thanks,
Keith

Edward Norton <> wrote: On 1/1/07, keith smith <> wrote: Thank you for sharing this information. If one is on shared hosting there is not way to turn off registered globals via the php.ini ... Am I correct so far?

I seem to recall there is some code when added to one's code that it will over ride this. I this correct, and if so can you explain it. I looked on google and could not find it...

Thanks,
Keith

Correct, on shared hosting, one cannot modify the php.ini file. However, you can
add "php_flag register_globals off" to your root .htaccess file.
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss


Keith Smith
A link from my website to yours
Submit Your Metro Phoenix Website
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com ---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss