mtaber Posted February 22, 2006 Posted February 22, 2006 Can you tell me if osCommerce is planning to change so that register_global can remain off in the future. I read a lot of problems in the forum about installing osCommerce with this set to off and was wonder if this was ever going to be changed/fixed in the future as I am a little uncomfortable changing these settings in .htaccess files or fudging a php.ini in the catalog directory? Being a complete newbie to all this, maybe I am worrying unnecessarily :blush:
kgt Posted February 22, 2006 Posted February 22, 2006 Can you tell me if osCommerce is planning to change so that register_global can remain off in the future. I read a lot of problems in the forum about installing osCommerce with this set to off and was wonder if this was ever going to be changed/fixed in the future as I am a little uncomfortable changing these settings in .htaccess files or fudging a php.ini in the catalog directory? Being a complete newbie to all this, maybe I am worrying unnecessarily :blush: OSCommerce, like many projects, has a roadmap published on the site: http://www.oscommerce.com/community/roadmap I wouldn't fret about changing the register_globals directive in .htaccess or a php.ini. It's actually a good thing, since it allows you to turn on register_globals only for directories/sites that need it. There's nothing inherently wrong with register_globals. It just makes it easier to exploit poorly coded scripts: http://us2.php.net/manual/en/security.globals.php There are also contributions available to remove the need for this: http://www.oscommerce.com/community/contributions,2097 http://www.oscommerce.com/community/contributions,2957 (Complete patched OSC files from Vger based on the first one.) Contributions Discount Coupon Codes Donations
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.