security of oscommerce

[tomliuwhite]

A lot of people seem to think oscommerce has a security flaw because of register globals. Does anyone know what that means? And possibly explain what the security hole is? Many thanks in advance.

[AlanR]

A lot of people seem to think oscommerce has a security flaw because of register globals. Does anyone know what that means? And possibly explain what the security hole is? Many thanks in advance.

Register globals is a problem for badly coded sites or sites which use methods which osCommerce does not use. While there have been in the past security problems they were long ago addressed and not related to the use of register globals.

 

Just think about it. This is the place where people come with problems and there are thousands upon thousands of osC installations running world wide. How many posts have you seen here about security problems? Those you do see are usually the result of errors by careless or naive users.

 

Sometimes I'll follow a link from an ad just to see what system it's running. For every store you may see in these forums I'd guess there are at least 20 others quietly working away that you've never seen or heard of.

[tomliuwhite]

Register globals is a problem for badly coded sites or sites which use methods which osCommerce does not use. While there have been in the past security problems they were long ago addressed and not related to the use of register globals.

 

Just think about it. This is the place where people come with problems and there are thousands upon thousands of osC installations running world wide. How many posts have you seen here about security problems? Those you do see are usually the result of errors by careless or naive users.

 

Sometimes I'll follow a link from an ad just to see what system it's running. For every store you may see in these forums I'd guess there are at least 20 others quietly working away that you've never seen or heard of.

Thanks for your help!