D
DD32
Guest
I've been having a great time trying to work out why i have NOT been able to get my custom php scripts to work on my subdomain... and i've finally found the culprit..
a non-default php setting which is EXTREMELY bad for security..
register_globals
So i went about disabling it on my account, of course, this can't be done via the main php.ini file as you guys have changed it.
PHP Manual says that the people who can change it are:
PHP_INI_PERDIR|PHP_INI_SYSTEM
Corresponing to:
PHP_INI_PERDIR Entry can be set in php.ini, .htaccess or httpd.conf
PHP_INI_SYSTEM Entry can be set in php.ini or httpd.conf
So i went about setting it in .htaccess.... only to find that setting this:
php_value register_globals off
OR
php_flag register_globals off
Breaks PHP.. Ie. i can only get 500 Internal Error with it..
i don't have access to httpd.conf either...
So is there another way to change this value for my specific account? Or would it be a value that would have to be changed system-wide?
So i trotted off to: http://www.php.net/manual/en/ini.core.php#ini.register-globals
Note: register_globals is affected by the variables_order directive.
Seems it's been set to off since 4.2 was released.. http://www.php.net/release_4_2_0.php
Unfortunatly i can't use ANY of the methods listed.. so, Any Help at all?
Anyway of using per-user php.ini files? ie /home/dd32/php.ini would be my php.ini file, and someone else could use /home/someone_else/php.ini - if they exist.. i know it's possible for per-user php.ini's so just a thought..
Oh and my account is dd32, subdomain is dd32.pcriot.com
Sorry ads currently arn't displayed as it's syncing with my home pc right now alot while i've been trying t figure out this problem, ads will be re-inserted As soon as i get a chance and stop overwriting the files.
a non-default php setting which is EXTREMELY bad for security..
register_globals
So i went about disabling it on my account, of course, this can't be done via the main php.ini file as you guys have changed it.
PHP Manual says that the people who can change it are:
PHP_INI_PERDIR|PHP_INI_SYSTEM
Corresponing to:
PHP_INI_PERDIR Entry can be set in php.ini, .htaccess or httpd.conf
PHP_INI_SYSTEM Entry can be set in php.ini or httpd.conf
So i went about setting it in .htaccess.... only to find that setting this:
php_value register_globals off
OR
php_flag register_globals off
Breaks PHP.. Ie. i can only get 500 Internal Error with it..
i don't have access to httpd.conf either...
So is there another way to change this value for my specific account? Or would it be a value that would have to be changed system-wide?
So i trotted off to: http://www.php.net/manual/en/ini.core.php#ini.register-globals
http://www.php.net/manual/en/ini.core.php#ini.register-globals said:register_globals boolean
Whether or not to register the EGPCS (Environment, GET, POST, Cookie, Server) variables as global variables.
As of PHP 4.2.0, this directive defaults to off.
Please read the security chapter on Using register_globals for related information.
Please note that register_globals cannot be set at runtime (ini_set()). Although, you can use .htaccess if your host allows it as described above. An example .htaccess entry: php_flag register_globals off.
Note: register_globals is affected by the variables_order directive.
Seems it's been set to off since 4.2 was released.. http://www.php.net/release_4_2_0.php
Unfortunatly i can't use ANY of the methods listed.. so, Any Help at all?
Anyway of using per-user php.ini files? ie /home/dd32/php.ini would be my php.ini file, and someone else could use /home/someone_else/php.ini - if they exist.. i know it's possible for per-user php.ini's so just a thought..
Oh and my account is dd32, subdomain is dd32.pcriot.com
Sorry ads currently arn't displayed as it's syncing with my home pc right now alot while i've been trying t figure out this problem, ads will be re-inserted As soon as i get a chance and stop overwriting the files.