vikal Posted September 8, 2008 Posted September 8, 2008 hi good afternoon now just help does it make any sence if i started to customize oscommerce by turning on register global or turning off the register global well i am not turning on register global...does it harm to my site please make me clear on both aspect of register global on or off regards vikaL
spooks Posted September 8, 2008 Posted September 8, 2008 Keep register globals off. Some of the vulnerabilities are: user is able to set variable within url ie set $paid=true user is able to call includes pages with url there is more, just search. lots like: http://www.oscommerce.com/forums/lofiversion/i...hp?t257556.html http://www.oscommerce.com/community/contributions,2097 Control with phpini or htaccess or speak to host Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al.
vikal Posted September 8, 2008 Author Posted September 8, 2008 Keep register globals off.Some of the vulnerabilities are: user is able to set variable within url ie set $paid=true user is able to call includes pages with url there is more, just search. lots like: http://www.oscommerce.com/forums/lofiversion/i...hp?t257556.html http://www.oscommerce.com/community/contributions,2097 Control with phpini or htaccess or speak to host hi thanks if someone starting works with registering global on then this contribute works.. i have cheked it.. simple but good thanks regards vikaL
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.