[Phpmyadmin-devel] Re: Removing of grab_globals

Marc Delisle Marc.Delisle at cegepsherbrooke.qc.ca
Wed Dec 7 16:18:06 CET 2005

Michal Čihař a écrit :
> Hi
> On Wed 7. 12. 2005 20:48, Marc Delisle wrote:
>> From the manual:
>>     Variables provided to the script via the GET, POST, and COOKIE
>>input mechanisms, and which therefore cannot be trusted. The presence
>>and order of variable inclusion in this array is defined according to
>>the PHP variables_order configuration directive. "
> Yes, so there are variables from GET, POST, and COOKIE and their 
> preference is defined by variables_order.
>>This is a separate discussion. So you would like to refer to
>>$_REQUEST['foo'] everywhere in the code, instead of importing into a
>>global $foo?
> Yes. You can then perfectly see that this variable is potentially 
> dangerous. Putting everything in global namespace hides this 
> difference.

Ok I agree.

Another point: having a look at $GLOBALS, can we put all strSomething 
messages somewhere else? I'm afraid that we don't have a choice. Maybe 
they could be in a cute array under $GLOBALS but this produces much 
recoding everywhere.

More information about the Developers mailing list