register global questions

I've just been looking through my php.ini file and I just read the part that goes:

; You should do your best to write your scripts so that they do not require
; register_globals to be on; Using form variables as globals can easily lead
; to possible security problems, if the code is not very well thought of.
register_globals = Off

But doesn't register_globals have to be on to include pages like /?id=page here?

Is there a way to get links working like that with register_globals on then?
 
What it means is that if you use, say, /page.php?foo=bar with register_globals on, $foo will automatically be set to 'bar', whereas with register_globals off you have to explicitly do it:

Code:
$foo = $_GET['foo'];
Which is better because you then know exactly what variables you have and can also do some validation before setting them :)
 
Cheers bs. Erm, I'm still a bit confused cause I'm an idiot at PHP :confused:

Would you be able to leave a little example on how one would go about setting up a PHP page to include pages?

Is it still code like this?

Code:
<?php
// Try the candidate files in order and include the first one that exists
if(file_exists("$id.html")){
include ("$id.html");
} elseif (file_exists("$id.php")){
include ("$id.php");
} elseif (file_exists("$id.txt")){
include ("$id.txt");
} elseif (file_exists("$id")){
include ("$id");
} else{
// Nothing matched: print a message instead of trying to include one
echo "file could not be included";
}
?>

layoutpage.php?id=content
 
Code:
<?php

$id = $_GET["id"]; //Get the variable from the querystring

// Try the candidate files in order and include the first one that exists
if(file_exists("$id.html")){
include ("$id.html");
} elseif (file_exists("$id.php")){
include ("$id.php");
} elseif (file_exists("$id.txt")){
include ("$id.txt");
} elseif (file_exists("$id")){
include ("$id");
} else{
// Nothing matched: print a message instead of trying to include one
echo "file could not be included";
}
?>
 
That code is a big risk to the security of your server, as it allows any user to enter a filename into the querystring and have it arbitrarily included on the page.

It could be password lists, database connection details and so on. What if the query string was
Code:
/?id=/usr/share/secret/nuclear_launch_codes.txt
?

You must do some checking of the value before acting upon it. Rob to the rescue!
 
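Added example (not code from the thread): one way to do the checking Rob's post calls for. Instead of handing $_GET['id'] to include as a path, the script only accepts keys from a fixed allowlist and double-checks that the resolved file sits inside the pages directory. The pages/ directory and the page names are assumptions.

```php
<?php
// Added example: a safer version of the page-include pattern discussed above.
// $_GET['id'] is treated as a lookup key, never as a filename, so the
// querystring cannot name a file the author did not intend to include.

// Hypothetical page directory and allowlist; adjust to your own site.
$pagesDir = __DIR__ . '/pages';
$allowedPages = array(
    'home'    => 'home.html',
    'about'   => 'about.php',
    'contact' => 'contact.txt',
);

// Default to 'home' when no id is given.
$id = isset($_GET['id']) ? $_GET['id'] : 'home';

if (!array_key_exists($id, $allowedPages)) {
    // Unknown key: send a 404 and escape the input before echoing it back.
    header('HTTP/1.1 404 Not Found');
    echo 'Page not found: ' . htmlspecialchars($id, ENT_QUOTES, 'UTF-8');
    exit;
}

$file = $pagesDir . '/' . $allowedPages[$id];

// Belt and braces: resolve the real path and confirm it is still inside $pagesDir.
$real = realpath($file);
$base = realpath($pagesDir);
if ($real === false || $base === false || strpos($real, $base . DIRECTORY_SEPARATOR) !== 0) {
    header('HTTP/1.1 404 Not Found');
    echo 'Page not found';
    exit;
}

include $real;
?>
```

With this layout a request such as /?id=about includes pages/about.php, while anything not listed in $allowedPages (including paths like the one in Rob's example) gets a 404 and no include at all.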