Jul 25, 2008

Security Check Php Register_globals - When installing Joomla on trap17


matak
Joomla shows this warning

QUOTE
Following PHP Server Settings are not optimal for Security and it is recommended to change them:

* PHP register_globals setting is `ON` instead of `OFF`


Well, it shows two warnings, but the other one I can change.

Is this something I, or you, should be worried about, or is it normal...

Reply

jlhaslip
QUOTE(Larry Ullman @ Author)

Now, with register_globals, I should first clarify that turning register globals on IS NOT a security risk or a bad idea. And turning it on for a local server is definitely NO security risk. RELYING upon register globals is a security risk and a bad idea but just having this setting on is fine (and very common for hosted servers).


Source
As quoted on another Forum I belong to which deals strictly with PHP and Mysql matters.

And the php.net page which discusses the topic is here: http://us3.php.net/manual/en/security.globals.php.
Nothing to be worried about if the variables and coding are properly managed.

Biggest thing to remember: NEVER, EVER trust user data. Always cleanse it using the method appropriate to the data source and the data target. Stripslashes(), htmlentities(), magic_quotes_gpc all have different intentions and should be used accordingly.


Reply

shadowx
As those websites and jlhaslip said, you can leave it on, but I generally turn it off because, as said, it makes writing vulnerable code so much easier, and I think it can also be a risk from SQL injection (e.g. putting a query into the URL and having the website execute it and showing the attacker sensitive information). The only real difference I've ever noticed is that by having it on you have to type code like

CODE

$user = $_POST['user'];


because (as is the point with register_globals) the code will not automatically take the value of the post variable 'user' and plant it into the variable $user.

For development I also find it easier to have it off so that I must use code like the above; in the event that a host has it off too and I can't change that, then I won't have to modify my code. And definitely use the functions jlhaslip said to make sure that input is safe(ish) for the code to use.

Reply
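
Added example, not part of any post in this thread: what "relying on register_globals" looks like in code, next to a version that behaves the same whether the setting is on or off. register_globals was removed in PHP 5.4, so its effect is simulated here with extract(); the function names and the request array are constructed for illustration.

```php
<?php
// Constructed sample input: what $_GET would hold for ?user=guest&authorized=1
$request = ['user' => 'guest', 'authorized' => '1'];

// Hypothetical credential check used by both versions below.
function is_admin(string $user): bool
{
    return $user === 'admin';
}

// Relies on register_globals: $authorized is never initialized, so a request
// parameter with the same name can supply its value.
function relies_on_globals(array $request): bool
{
    extract($request);              // simulates register_globals = On
    if (is_admin($user ?? '')) {
        $authorized = true;
    }
    // For a non-admin, $authorized holds whatever the request put there.
    return !empty($authorized);
}

// Does not rely on the setting: every variable is initialized before use and
// input is read explicitly from the request array (in real code, $_GET/$_POST).
function safe_either_way(array $request): bool
{
    extract($request);              // the setting is still "On" here
    $authorized = false;            // overwrites anything the request injected
    $user = (isset($request['user']) && is_string($request['user']))
        ? $request['user']
        : '';
    if (is_admin($user)) {
        $authorized = true;
    }
    return $authorized;
}

// Run both versions against the same constructed request and compare.
var_dump(relies_on_globals($request));
var_dump(safe_either_way($request));
```

The only difference between the two functions is the initialization and the explicit read of the input, which is why code written this way does not care how the host has configured the setting.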

farsiscript
Dear matak, I think it's better to use the Mambo script. Joomla has many bugs and it's not a very good and secure script.
Use Mambo, it's a real CMS.
Thanks

Reply

michaelper22
QUOTE(farsiscript @ Oct 29 2006, 04:35 AM) *

Dear matak, I think it's better to use the Mambo script. Joomla has many bugs and it's not a very good and secure script.
Use Mambo, it's a real CMS.
Thanks

The Joomla project is actually a fork of Mambo, meaning some developers from Mambo said Bye Bye and borrowed the source code to make their own product (which is legally allowed under the GNU GPL). So if anything, Mambo and Joomla would constantly be competing for levels of security.
And matak, don't worry about the Register Globals warning, I run Joomla and Mambo with the same thing and I have no problems.

Reply

farsiscript
Yes, dear michaelper22,
I agree with your post about Mambo and Joomla. I tested Mambo and Joomla with register_globals.
Thanks

Reply

blendergalactica
However, all the extensions/programs that extend Mambo/Joomla's functionalities have moved to Joomla. Mambo doesn't have a lot left going for it at this point.

That being said I haven't had any problems with Joomla thus far...

Reply

lihuyt
THE SOLUTION:

In the folder /public_html there is a file which is called .access. Edit this file and enter at the bottom of the file this line:

CODE
php_flag register_globals off


Then click save.

Now register_globals is turned OFF in ALL subfolders!

This code/solution is not originally by me but comes from this link: Click here. I will not take the honor of this code, but I felt like it was relevant to post it here.

Reply


