Important PHP Configuration Change <div style="color: #000080; padding: 2px;">Important PHP Configuration Change</div><div style="font-size: .9em; margin-bottom: 12px; border-bottom: 1px solid #000080; padding: 2px; border-top: 1px solid #000080;">Monday, May 17, 2004 by Kevin Stange</div><div style="font-size: 1em;">I just want to let everyone know that for security's sake, we have decided to turn the register_globals option off. This means that when a form or query string contains the field "action" it is no longer placed in the $action global variable in PHP. Instead, if you are using a query string or "get" form, you need to use $_GET[action]. If you are using a "post" form, you need to use $_POST[action] instead. Files, cookies, and other data can be accessed in a similar manner. Documentation on how each works can be found on the PHP web site. You will need to update all of your scripts to work with "register globals" disabled, as this prevents the possibility that your scripts might be tricked into doing things they shouldn't do. As a rule of thumb, you should already be using $_GET and $_POST for accessing form data since this is the correct PHP method for getting this information and will work regardless of whether register globals is enabled. For more information on this security topic, please see PHP security documentation on register globals.</div>
