Page 1 of 1
global command security
Posted: Thu Jun 26, 2003 3:22 pm
by m@ndio
by declaring a variable as global within your scripts are there any security implications? or are there any disadvantages?
Posted: Fri Jun 27, 2003 3:34 am
by twigletmac
By declaring as global do you mean within a function?
Mac
Posted: Sun Jun 29, 2003 2:54 pm
by m@ndio
yea like:
Code: Select all
fuction bob(){
global $whatever;
//code here
}
$whatever += 10;
Posted: Sun Jun 29, 2003 2:57 pm
by nielsene
Global variables are normally a maintence nightmare and can cause hard to diagnose bugs to appear. However, I don't think I would say there are any security concerns directly tied to them.
(This is assuming that register_globals is off and you havn't used a "trick" to simulate it being on.)
Posted: Sun Jun 29, 2003 2:59 pm
by m@ndio
cheers nielsene
Posted: Sun Jun 29, 2003 5:00 pm
by qartis
But the more variables are made global, the more memory is required. If you're doing a big project, or something that will be accessed very often, there are some obvious downsides to global variables.
Posted: Sun Jun 29, 2003 6:04 pm
by nielsene
Actually global variables use less memory as arguements are not passed, new reference aren't made, etc.
Yes globals are BAD, but not for the some of the reasons listed.
Posted: Mon Jun 30, 2003 12:53 am
by qartis
Whoa, really? I always avoided them, because I heard that the larger a variable's scope is, the more memory it takes up. Huh, you learn something new every day

Posted: Mon Jun 30, 2003 12:16 pm
by m@ndio
why are globals bad nielsene?
Posted: Mon Jun 30, 2003 1:25 pm
by nielsene
Globals are normally a sign of poor design/decomposition. Globals defeat encapsulatios and abstraction. They typically cause increase maintainence problems.
There are occasions when they are appropriate; however, they are used far too often because of laziness.
Posted: Mon Jun 30, 2003 1:40 pm
by cactus
nielsene wrote:There are occasions when they are appropriate; however, they are used far too often because of laziness.
I think that about sums it up
Regards,
Posted: Mon Jun 30, 2003 3:37 pm
by m@ndio
hehe
