register_globals有什么风险? [英] what's the risk of register_globals?
问题描述
你会认为找到这个问题的答案会更容易。
做了搜索,我能找到的就是人们在问为什么不是这样的/>
工作和人们回复它是因为register_globals关闭了。
我发现有一个人说:这个改变是好的,因为
register_global转向on有一些严峻的安全隐患。但
没有提到那些是什么!
我现在正在服务器上工作,有几百个PHP页面有人
写了。 register_globals已开启。而且我需要看看它们带来的风险是否超过极端烦恼而且可能会损坏,如果我关闭则会导致最坏的销售损失。
至少我需要经历并将$ _GET和$ _POST添加到
所有数百个上一个编码器调用表单结果的位置
不使用那些。
也许还有其他的东西,比如GD和PDFLib以及什么
的使用方式,会受到影响。<无论如何,有人能指出某个解释风险的地方吗?
php.net我什么都找不到。
谢谢!
利亚姆
_GET和
_POST to
上一个编码器调用表格的数百个地方结果
而不使用那些。
也许有其他的东西,比如GD的方式d PDFLib以及什么
正在被利用,这将受到影响。
无论如何,有人能指出我解释风险的地方吗?
php.net我什么都找不到。
谢谢!
利亚姆
ne**@celticbear.com 写道:
你我认为找到这个问题的答案会更容易。
我做了一个搜索,而我所能找到的就是人们会问为什么某些事情不起作用而人们回答它因为register_globals已经关闭了。
我发现有一个人说:自从
register_global转向on有一些严峻的安全隐患后,这种改变是好的。但是没有提到那些是什么!
我现在在服务器上工作,有几百个PHP页面,有人写过。 register_globals已开启。而且我需要看看,如果我关闭它们,那么它们的风险是否会超过最大的烦恼和可能的破坏过程导致最坏的销售损失。
至少我需要通过并添加
You''d think it''d be easier to find the answer to this question.
Did a search, and all I can find is people asking why something''s not
working and people replying it''s because register_globals is off.
I found one person said: "The change is for the better since
register_global turned to on had some grim security implications." but
no mentioning of what those are!
I''m working on a server now, with a couple hundred PHP pages someone
has written. register_globals is on. And I need to see if the risks of
having them on outweigh the extreme annoyance at best and possible
broken processes leading to lost sales at worst if I turn then off.
At the very least I''ll need to go through and add $_GET and $_POST to
all the hundreds of places where the previous coder called form results
without using those.
Perhaps there are other things, like the way GD and PDFLib and whatnot
are being utilized, that would be affected.
Anyway, could someone point me to somewhere that explains the risks?
php.net I couldn''t even find anything.
Thanks!
Liam
解决方案_GET and
_POST to
all the hundreds of places where the previous coder called form results
without using those.
Perhaps there are other things, like the way GD and PDFLib and whatnot
are being utilized, that would be affected.
Anyway, could someone point me to somewhere that explains the risks?
php.net I couldn''t even find anything.
Thanks!
Liam
ne**@celticbear.com wrote:
You''d think it''d be easier to find the answer to this question.
Did a search, and all I can find is people asking why something''s not
working and people replying it''s because register_globals is off.
I found one person said: "The change is for the better since
register_global turned to on had some grim security implications." but
no mentioning of what those are!
I''m working on a server now, with a couple hundred PHP pages someone
has written. register_globals is on. And I need to see if the risks of
having them on outweigh the extreme annoyance at best and possible
broken processes leading to lost sales at worst if I turn then off.
At the very least I''ll need to go through and add
这篇关于register_globals有什么风险?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
