Page 1 of 1

PHP 6 keeps register globals after all.

Posted: Tue Apr 01, 2008 4:36 am
by onion2k
Something on the PHP 6 mailing list this morning...

"Register globals are the source of many application's security problems and cause a constant grief. We shortly discussed how we want to attend users on the disappearance of this functionality. We decided that if we find the setting during the startup of PHP we raise an E_CORE_ERROR which will prevent the server from starting with a message that points to the documentation. However, due to the use of globals across so many existing open source apps it has been decided that rather than an E_CORE_ERROR we will raise an E_WARNING instead, allowing users to retain globals if required by their code - Faro Poill"

That's quite a u-turn.

Re: PHP 6 keeps register globals after all.

Posted: Tue Apr 01, 2008 4:44 am
by Chris Corbyn
Interesting. PHP is such a mess. I love it so much but there's so much I hate about it. It's funny, pretty much my entire development team who primarily write in PHP are constantly complaining about it's bad bits.

Re: PHP 6 keeps register globals after all.

Posted: Tue Apr 01, 2008 5:48 am
by timvw
April fools day?

Re: PHP 6 keeps register globals after all.

Posted: Tue Apr 01, 2008 7:17 am
by Jenk
timvw wrote:April fools day?
^

Re: PHP 6 keeps register globals after all.

Posted: Tue Apr 01, 2008 7:24 am
by Chris Corbyn
:oops:


:banghead:

Re: PHP 6 keeps register globals after all.

Posted: Tue Apr 01, 2008 7:30 am
by onion2k
:D

Re: PHP 6 keeps register globals after all.

Posted: Tue Apr 01, 2008 9:10 am
by John Cartwright
Chris Corbyn wrote::oops:


:banghead:
Thanks for the morning laugh!