Register Global Is This Needed What advantage

[bikesbuiltbetter]

Hello All I am setting up oscommerce-2.2rc2a and i am confussed about the contribution register_globals_v1.5 my server has Register Globals Disabled already does this mean that sessions are being stored inthe /tmp directory? I am on a shared server is this a secuity risk? Will this contribution help me with site wide application?

 

I would appreciate any insight some of you more experanced OSC users may have as i hope to have mine up and running and secure as soon as possible

 

Any help would be greatly appriciated befor i continue to add further updates to customize to my site i would like to have the nuts and bolts secure and functioning the best way possible.

 

Thanks for your help

Chuck BikesBuiltBetter.com

[GemRock]

the version of osc, ie, oscommerce-2.2rc2a, is compatible with register globals ON or OFF, in other words, you can forget about this issue and no need to install any 'fix'.

 

Sessions is always better stored in the database, which is set in the configure.php (the last line, fill in 'mysql', rather than leave it blank.

 

Ken

[bikesbuiltbetter]

Thanks Ken thats what i thought but i wasnt sure.

[WoodsWalker]

What is the risk of storing the sessions in the /tmp directory? Just wondering, because I've heard so many people say so...

[Guest]

What is the risk of storing the sessions in the /tmp directory? Just wondering, because I've heard so many people say so...

None that I know of, it does not have to be called tmp.