Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Registered Globals!


letty

Recommended Posts

Just downloaded oscommerce to see if it is a viable solution to an online store we are creating. And find to my amazement that it requires registered globals to be swithed on! Considering this is considered to be a major security issue with most and the fact that most shared host enviroments will not allow it I was quite surprised to see it. I've read through the various posts on here about fixes and patches and find it odd that the latest release hasn't been re-written to allow for this. After all the claim in the documentation is it will run on any enviroment using php and mySql.

 

Secondly the registered globals contributions patches page has so many files from different sources on it that it is impossible to tell which one to download. Especially as it's at your own risk and I don't particularly want to run the risk of opening up my server to malicious hackers.

 

Any response to this is welcome.

Link to comment
Share on other sites

Yo could wait for version 3, install the suggested patches, enable globals in a htaccess file, enable globals in a php.ini file.

 

Personally I see disabling globals as a shortcoming from the hosting provider since this is an easy way for protection and there better ways to protect your server.

Link to comment
Share on other sites

Just downloaded oscommerce to see if it is a viable solution to an online store we are creating. And find to my amazement that it requires registered globals to be swithed on! Considering this is considered to be a major security issue with most and the fact that most shared host enviroments will not allow it I was quite surprised to see it. I've read through the various posts on here about fixes and patches and find it odd that the latest release hasn't been re-written to allow for this. After all the claim in the documentation is it will run on any enviroment using php and mySql.

 

Secondly the registered globals contributions patches page has so many files from different sources on it that it is impossible to tell which one to download. Especially as it's at your own risk and I don't particularly want to run the risk of opening up my server to malicious hackers.

 

Any response to this is welcome.

Toinstall a contribution that does not contain instructions, like that one, you need to use a compare program like Winmerge.

 

Jack

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

All of My Addons

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...