Re: redoing website after 7 years

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



2009/1/7 Lamp Lists <lamp.lists@xxxxxxxxx>:
> hi guys,
> I did php/mysql based website for one my client 7 years ago, in time when register_globals was on by default.
> hosting company upgraded server to php5/mysql5 and turned globals off. the site is doesn't work any more.
> I can define globals on again in .htaccess but rather not because it could be a big risk.

The first point to make is that the risk is no higher now than it has
been for the previous 7 years. Register_globals is not inherently
insecure, it's the way people code their scripts which makes it open
to abuse.

> to work again I have to spend a lot of hours to modify the code. boring job. but, I'm more concern does client has to pay the changes/upgrade or it's still "my obligation"?
> anybody had similar experience?

Personally I'd tell the client that the host has upgraded the server
software which has broken the site. It needs work and they need to pay
for it. If they object tell them you can work around the issue but it
means potentially exposing the site to potentially fatal security
risks.

-Stuart

-- 
http://stut.net/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux