1.register_globals=on<?php//ex1.phpif (Check_admin ()){ $is _admin=true;} if ($is _admin){ do_something ();} ?>This section of code does not initialize $is_admin to Flase, if Register_globals is on, then we submit http://www.sectop.com/ex1.php?is_admin=true directly, You can bypass the validation of Check_admin ()when Register_globals=on, we submit http://www.sectop.com/ex2.php?_session[username]=admin2.magic_quotesused to automatically escape the input information of the PHP program, all single quotes ("'"), double quotes ("" "), backslashes (" \ ") and null characters (null), are automatically added with backslashes to escape magic_quotes_gpc= On is used to set magicquotes to on, which affects the data for HTTP requests (GET, POST, Cookies) programmers can also use Addslashes to escape submitted HTTP request data, or use Stripslashes to remove escapes. MAGIC_QUOTES_GPC = onadd escape for post, get request, cookie parametersaddslashes ($name) function adds a backslash, stripslashes ($name) removes the backslashhttp://www.test.com/index.php?is_admin=true&name= "\sas"get $name = ' \ ' \\sas\ ';$name = stripslashes ($name); $name = ' \sas ';3.safe_modeIn Safe mode, PHP is used to restrict access to documents, restrict access to environment variables, and control the execution of external programs. EnabledSafe Mode must set Safe_mode=on in PHP.iniA. Restricting file accesssafe_mode_include_dir= "/path1:/path2:/path3"separate folders separated by colonsB. Restricting access to environment variablessafe_mode_allowed_env_vars=stringspecifies that the PHP program can change the prefix of the environment variables, such as: Safe_mode_allowed_env_vars=php_, when the value of this option is NULL, then PHP can change any environment variablessafe_mode_protected_env_vars=string is used to specify the prefixes of environment variables that the PHP program cannot change. c. Restricting the execution of external programssafe_mode_exec_dir=stringThe folder path specified by this option affects system, exec, Popen, PassThru, and does not affect Shell_exec and "". disable_functions=stringdifferent function names are separated by commas, and this option is not affected by Safe mode.
