问题描述
你会认为找到这个问题的答案会更容易。
做了搜索,我能找到的就是人们在问为什么不是这样的/>
工作和人们回复它是因为register_globals关闭了。
我发现有一个人说:这个改变是好的,因为
register_global转向on有一些严峻的安全隐患。但
没有提到那些是什么!
我现在正在服务器上工作,有几百个PHP页面有人
写了。 register_globals已开启。而且我需要看看它们带来的风险是否超过极端烦恼而且可能会损坏,如果我关闭则会导致最坏的销售损失。
至少我需要经历并将$ _GET和$ _POST添加到
所有数百个上一个编码器调用表单结果的位置
不使用那些。
也许还有其他的东西,比如GD和PDFLib以及什么
的使用方式,会受到影响。
php.net我什么都找不到。
谢谢!
利亚姆
You''d think it''d be easier to find the answer to this question.
Did a search, and all I can find is people asking why something''s not
working and people replying it''s because register_globals is off.
I found one person said: "The change is for the better since
register_global turned to on had some grim security implications." but
no mentioning of what those are!
I''m working on a server now, with a couple hundred PHP pages someone
has written. register_globals is on. And I need to see if the risks of
having them on outweigh the extreme annoyance at best and possible
broken processes leading to lost sales at worst if I turn then off.
At the very least I''ll need to go through and add $_GET and $_POST to
all the hundreds of places where the previous coder called form results
without using those.
Perhaps there are other things, like the way GD and PDFLib and whatnot
are being utilized, that would be affected.
Anyway, could someone point me to somewhere that explains the risks?
php.net I couldn''t even find anything.
Thanks!
Liam
这篇关于register_globals有什么风险?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!