Having register_globals=on and referring to variables as if($name){} or using $_GET & $_POST statements like if(isset($_GET['name']))?
What is the main advantage/disadvantage in both cases.
Doesn't matter if it's on or off, really.
1) Don't trust any input from the user 2) Always initialize any variables you use
Follow those two rules and you can program secure programs that will not depend upon register globals.
--
---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
