7.2. Website Attacks
Whenever you publish a site out in the public Internet, it runs the risk of being attacked. While no application can ever be truly 100% secure, as new exploits and hacking techniques are being discovered daily, there are a couple categories of attacks that you can somewhat easily defend against in your PHP scripts.
7.2.1. Abusing register_globals
If it hasn't been driven into your brain by every article, book, or any bit of documentation that talks about register_globals, here it is again: having register_globals set to on is a disaster waiting to happen.
If you're unfamiliar with register_globals, it is a setting in php.ini that controls the auto-population of variables with the same name as form elements or cookies. In the login form you created earlier in the chapter, there was a field called username. Normally, with register_globals disabled, the only way to access the username field from the form after it's posted is to use the $_POST or $_GET array, depending on the method of the form. When register_globals is enabled, the username field is accessible again using $_POST or $_GET, but is also available as $username.
Since PHP 4.2.0, the default value for register_globals is off, but often web hosts will re-enable register_globals to provide compatibility with older scripts that assume the existence of, and rely on, register_globals=on. Unfortunately, this provides a premium avenue of attack for malicious users. When register_globals is enabled, PHP evaluates ...
Get Professional LAMP: Linux®, Apache, MySQL®, and PHP5 Web Development now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.