[nycphp-talk] PHundamentals Topic #4: php.ini settings
felix zaslavskiy
felix at students.poly.edu
Wed Nov 12 15:56:06 EST 2003
On Wed, 12 Nov 2003 15:29:48 -0500
Michael Southwell <southwell at dneba.com> wrote:
> Settings in the php.ini file have an important
> effect on the operation, security and reliability of your application.
> For example, setting register_globals to a value of "on" makes it easier to
> pass variables from one script to another, but opens serious security
> vulnerabilities--so best practice is always to set it "off."
>
Alot of shared hosts set register_globals to off in their php.ini file. If one needs to run scrip with register_globals to on then a nice trick exists. In .htaccess file one can set 'php_value register_globals 1'
Also I seen programs that dont like magic_quote_gpc to be set to 1 to its one can also set that value to 0 in .htaccess file.
> What settings do you consider essential? How should they be set, and why?
>
> In next month's PHundamentals, we'll discuss how to manage these settings
> most effectively.
>
> ====================
> Jeff Siegel and Mike Southwell
> The PHundamentals Team
>
> _______________________________________________
> talk mailing list
> talk at lists.nyphp.org
> http://lists.nyphp.org/mailman/listinfo/talk
>
More information about the talk
mailing list