Details

SEO osCommece Package XII

Loaded Features:
  • Spider Session Remover ( SID Killer )
  • Ultimate SEO URLs
  • Header Tags Controller
  • Google XML Sitemap
  • SEO Assistant
  • AJAX Attribute Manager
  • Product Extra Fields
  • X-Sell v2-MS2 - Cross Sell for MS2
  • Credit Class & Gift Voucher
  • TinyMCE WYSIWYG HTML EDITOR
  • Multi/extra images
  • Purchase Without Account
  • Newsletter & Subscribers

oscommerce register globals

 If your site is down with this error message showing
FATAL ERROR: register_globals is disabled in php.ini, please enable it!

This contribution consists of a patch that will remove the need to enable the ‘register_globals’ option in the php.ini file.

Having register globals enabled is a very serious security issue; it allows an attacker to inject variables into the running PHP code. Just in case you don’t realise, this is a VERY BAD THING.

It also imposes a minor performance overhead. Disabling register globals and using this patch will prevent the variable injection problem. It will also mostly remove the performance overhead.

In fact, if you use this patch, you MUST disable the ‘register_globals’ option. if you do not, things will go horribly wrong - The session management will probably not work correctly because of

the way the patch maps the session variables to the global variable space - I could be be wrong on this point, but I wouldn’t do it anyway. Besides, what’s the point of adding the patch if you are not going to disable register globals ?

Use this contribotion
http://www.oscommerce.com/community/contributions,2097

Posted by admin 14.Aug.08

You can follow any responses to this entry through the RSS 2.0 feed.
Responses are currently closed, but you can trackback from your own site.