[Phpmyadmin-devel] Re: Removing of grab_globals
michal at cihar.com
Wed Dec 7 12:43:27 CET 2005
On Wed 7. 12. 2005 20:48, Marc Delisle wrote:
> From the manual:
> Variables provided to the script via the GET, POST, and COOKIE
> input mechanisms, and which therefore cannot be trusted. The presence
> and order of variable inclusion in this array is defined according to
> the PHP variables_order configuration directive. "
Yes, so there are variables from GET, POST, and COOKIE and their
preference is defined by variables_order.
> This is a separate discussion. So you would like to refer to
> $_REQUEST['foo'] everywhere in the code, instead of importing into a
> global $foo?
Yes. You can then perfectly see that this variable is potentially
dangerous. Putting everything in global namespace hides this
Michal Čihař | http://cihar.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
More information about the Developers