There is such a section in the Discuz code:If (isset ($ _ REQUEST ['globals']) OR isset ($ _ FILES ['globals']) {Exit ('request tainting attempted .');}Register_globals is a control option in php. It can be set to off or on. The default value is off.
As we all know, when register_globals = on in PHP. ini, various variables are injected with code, such as request variables from HTML forms. In addition, PHP does not require initialization before using variables. This may cause insecurity. If
The most controversial change in using Register Globals in PHP is that the default value of register_globals in the configuration file is changed from on to off from PHP & raquo; 4.2.0. The dependency on this option is so common that many people do
Dedecms limits the Register_globals.Because the Register_globals set control PHP variable access scope, if the opening will cause unnecessary security problems, so here it is forced to close, if the webmaster space does not support, you can use the
PHP Tutorial Configuration Chinese Narration
Let's see what you see, php.ini.
[PHP]
;;;;;;;;;;;; WARNING;;;;;;;;;;;;; This is the default settings file for new PHP installations.; By default, PHP installs itself with a configuration suitable for;
Intended audience
Introduction
Register_globals
How does the variables get to PHP?
From the URL
From a Form
From a Cookie
From the environment or the Server
Use the superglobals!
Why are they called superglobals?
Other coding techniques
Ways
Learn more about register_globals (with the solution to the failure of the register_globalsoff website ). Register_globalsdedecms imposes restrictions on register_globals. the register_globals setting controls the PHP variable access range. if it is
From PHP 4.1.0, the preferred method for obtaining external variables is to use the Super global variables mentioned below. Before that, people were either dependent on register_globals or long predefined PHP arrays ($HTTP _*_vars). From PHP 5.0.0,
Pre-defined variablesServer variable: $_serverNote: Used in PHP 4.1.0 and later versions. Previous versions, using the $HTTP _server_vars.$_server is an array that contains such things as the head (headers), Path (paths), and script location
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.