Can someone give some examples of what register_globals
are?
And is global $user_id;
considered a register global?
The register_globals
directive:
register_globals
is an internal PHP setting which registers the $_REQUEST
array's elements as variables. If you submit a value in a form, via POST
or GET
, the value of that input will automatically be accessible via variable in the PHP script, named after the name of the input field.
In other words, if you submitted a form containing a username
text field, the expression ($username === $_POST['username'])
at the very beginning of the script would return true
.
Its notoriety is attributed to the fact that it opens lots of security holes, especially for people that follow anything less than a strict coding style from a security perspective.
Classic example:
if(user_is_admin($user))
{
$authorized = true;
}
if($authorized)
{
// let them do anything they want
}
Now, if you visited that script in a web browser and the server had register_globals
on, you could simply append ?authorized=1
to the URL and god-mode would be enabled!
The global
keyword:
global
is a keyword has little to do with register_globals.
Here is an example of its use:
$foo = 'bar';
baz();
function baz()
{
echo $foo; // PHP warns you about trying to use an uninitialized variable
// and nothing is output (because $foo doesn't exist here)
}
buzz();
function buzz()
{
global $foo; // Enables the use of $foo in this scope
echo $foo; // Prints 'bar' to screen
}
Everyone mentioning GET
, POST
, REQUEST
, COOKIE
has effect on register_globals=on
.
I'm just writing this to let you know that -
$_SESSION
will be affected aswell because of register_globals=on
.
http://php.net/manual/en/security.globals.php
That means - if you do as following -
$_SESSION[x] = 123;
$x = 'asd';
echo $_SESSION[x];
The output will be asd
.
And this will cause serious security issues and bugs. I have experienced such a bad thing recently during using Hostgator shared hosting. By Default they have register_globals=on
.
When you have register_globals=on, anything passed via GET or POST or COOKIE automatically appears to be global variable in code, this might have security consequences.
I.e. you click on url test.php?access_level=100 and you'll have $access_level = 100 in PHP.
When you do global $somevar - you are making your own global variable, which usually is not a big issue.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With