The Register_globals of PHP security

Source: Internet
Author: User
Tags: html, form, vars

I. The difference between register_globals = Off and register_globals = On

register_globals is a setting in php.ini that controls how PHP exposes the request parameters passed to a script.

register_globals can be set to On or Off; the following piece of code shows the difference between the two settings.

```php
<form action='' method='get'>
  <input type='text' name='username' value='Alex'>
  <input type='submit' name='sub' value='sub'>
</form>
<?php
echo 'username::', $username;
echo '<br>sub::', $sub;
echo '<br>get::';
print_r($_GET);
?>
```

When register_globals = On, submitting the form produces the following output:

```
username::Alex
sub::sub
get::Array ( [username] => Alex [sub] => sub )
```

When register_globals = Off, submitting the form produces the following output:

```
username::
sub::
get::Array ( [username] => Alex [sub] => sub )
```

The test result makes the meaning plain: register_globals means "register as global variables". When it is On, every value passed in is registered directly as a global variable of the same name; when it is Off, the script has to fetch the value from the specific superglobal array ($_GET here).

II. Why is register_globals = Off recommended?

1. Since PHP 4.2.0 the default value of register_globals in the shipped configuration file has been changed from On to Off. You can still set it to On, but when you do not control the server, code that depends on it has a serious compatibility problem, so you had better program in the Off style from now on.

2. When register_globals is On, all sorts of variables are injected into the code, such as the request variables from an HTML form. On top of that, PHP does not require variables to be initialized before use, which makes it easier to write unsafe code: with the option on, people using a variable do not know where it came from and simply take it for granted. Turning register_globals Off ends this bad situation in which the code's internal variables and the variables sent by the client are mixed together. The following example comes from the PHP manual.

```php
<?php
// Set $authorized = true only when the user is legitimate
if (authenticated_user()) {
    $authorized = true;
}

// Because $authorized was not initialized to false beforehand, with
// register_globals on it can be defined by a GET request such as
// auth.php?authorized=1, so anyone can bypass the authentication check.
if ($authorized) {
    include "/highly/sensitive/data.php";
}
?>
```

With register_globals = On the code above is dangerous. With it Off, $authorized cannot be set by means such as a URL request, which is better, although initializing variables is simply good programming practice: if you add $authorized = false; before the code above runs, it is safe whether register_globals is On or Off, because the user state starts out as unauthenticated.
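The following is an added example, not code from the original page or the PHP manual: it runs the section II pattern and its initialized fix side by side on a constructed ?authorized=1 request. register_globals = On is emulated with extract() (the same technique section III uses), and authenticated_user() is an assumed stand-in that always returns false, i.e. the visitor never logged in.

```php
<?php
// Added example (not from the original page or the PHP manual): the
// section II bypass next to the fix the page recommends, runnable from
// the CLI on any PHP version by emulating register_globals with extract().

// Constructed request: the query string ?authorized=1 from the page.
$request = ['authorized' => '1'];

// Assumed stand-in for the page's authenticated_user(): nobody has
// logged in, so a correct check must return false.
function authenticated_user(): bool
{
    return false;
}

// Vulnerable pattern: $authorized is never initialized, so the final if()
// sees whatever the engine registered from the request.
function check_uninitialized(array $request): bool
{
    extract($request);          // what register_globals = On did before the script ran
    if (authenticated_user()) {
        $authorized = true;
    }
    // The string '1' from the request is truthy: the check is bypassed.
    return (bool) $authorized;
}

// Hardened pattern: initialize first, exactly as the page recommends, so
// anything registered from the request is overwritten before it is used.
function check_initialized(array $request): bool
{
    extract($request);
    $authorized = false;        // user state starts as unauthenticated
    if (authenticated_user()) {
        $authorized = true;
    }
    return $authorized;
}

var_dump(check_uninitialized($request));
var_dump(check_initialized($request));
```

The same initialization discipline applies with register_globals Off: read request values only from $_GET or $_POST, and never let an uninitialized variable decide access.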

III. What if you need to run a legacy program on a shared host where register_globals is turned off, and the program requires that option to be on?

This example emulates register_globals = On. If you change the variables_order option in the configuration file, consider making the corresponding changes to $superglobals.

```php
<?php
// Emulate register_globals on
if (!ini_get('register_globals')) {
    $superglobals = array($_SERVER, $_ENV, $_FILES, $_COOKIE, $_POST, $_GET);
    if (isset($_SESSION)) {
        array_unshift($superglobals, $_SESSION);
    }
    foreach ($superglobals as $superglobal) {
        // EXTR_SKIP: never overwrite a variable the script already defined
        extract($superglobal, EXTR_SKIP);
    }
}
?>
```

IV. What should I do to remove the security risk on a host where the register_globals option is turned on?

This example emulates register_globals = Off. Remember that this code must be called at the very beginning of the script; if a session mechanism is used, call it right after session_start().

```php
<?php
// Emulate register_globals off
function unregister_globals()
{
    if (!ini_get('register_globals')) {
        return;
    }

    // Might want to change this perhaps to a nicer error
    if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS'])) {
        die('GLOBALS overwrite attempt detected');
    }

    // Variables that shouldn't be unset
    $noUnset = array('GLOBALS',  '_GET',
                     '_POST',    '_COOKIE',
                     '_REQUEST', '_SERVER',
                     '_ENV',     '_FILES');

    // Every name the engine may have registered from client input
    $input = array_merge($_GET,    $_POST,
                         $_COOKIE, $_SERVER,
                         $_ENV,    $_FILES,
                         isset($_SESSION) && is_array($_SESSION) ? $_SESSION : array());

    foreach ($input as $k => $v) {
        if (!in_array($k, $noUnset) && isset($GLOBALS[$k])) {
            unset($GLOBALS[$k]);
        }
    }
}

unregister_globals();
?>
```
