PLUG site incident last night
keith smith
klsmith2020 at yahoo.com
Mon Jan 1 18:30:11 MST 2007
Thanks, I'll check that out. I just read in a forum that if you put a php.ini in the home directory (I assume DocumentRoot) that PHP reads that one first.
Seems like a security risk to do so.
See http://www.go4expert.com/forums/showthread.php?t=397
could that be so?
Thanks,
Keith
Edward Norton <r00t3d at gmail.com> wrote: On 1/1/07, keith smith <klsmith2020 at yahoo.com> wrote: Thank you for sharing this information. If one is on shared hosting there is not way to turn off registered globals via the php.ini ... Am I correct so far?
I seem to recall there is some code when added to one's code that it will over ride this. I this correct, and if so can you explain it. I looked on google and could not find it...
Thanks,
Keith
Correct, on shared hosting, one cannot modify the php.ini file. However, you can
add "php_flag register_globals off" to your root .htaccess file.
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Keith Smith
A link from my website to yours
Submit Your Metro Phoenix Website
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20070101/e2641f63/attachment.htm
More information about the PLUG-discuss
mailing list