Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

register_global


mtaber

Recommended Posts

Can you tell me if osCommerce is planning to change so that register_global can remain off in the future. I read a lot of problems in the forum about installing osCommerce with this set to off and was wonder if this was ever going to be changed/fixed in the future as I am a little uncomfortable changing these settings in .htaccess files or fudging a php.ini in the catalog directory?

 

Being a complete newbie to all this, maybe I am worrying unnecessarily :blush:

Link to comment
Share on other sites

Can you tell me if osCommerce is planning to change so that register_global can remain off in the future. I read a lot of problems in the forum about installing osCommerce with this set to off and was wonder if this was ever going to be changed/fixed in the future as I am a little uncomfortable changing these settings in .htaccess files or fudging a php.ini in the catalog directory?

 

Being a complete newbie to all this, maybe I am worrying unnecessarily :blush:

 

OSCommerce, like many projects, has a roadmap published on the site:

 

http://www.oscommerce.com/community/roadmap

 

I wouldn't fret about changing the register_globals directive in .htaccess or a php.ini. It's actually a good thing, since it allows you to turn on register_globals only for directories/sites that need it. There's nothing inherently wrong with register_globals. It just makes it easier to exploit poorly coded scripts:

 

http://us2.php.net/manual/en/security.globals.php

 

There are also contributions available to remove the need for this:

http://www.oscommerce.com/community/contributions,2097

http://www.oscommerce.com/community/contributions,2957 (Complete patched OSC files from Vger based on the first one.)

Contributions

 

Discount Coupon Codes

Donations

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...