#25 php global

[Dr Ray Lewis]

The installation requires
register_globals = off

but I have problems with other applications which
REQUIRE register_globals = on. Once loaded I find xrms
works with it set to on, but I need to install it on a
server where I do not have permission to switch to off,
even temporarily.

What should I change in the installation to avoid being
forced to switch it register_globals = off? Can you
assure me that xrms will never actively check in use this
setting (so I can leave it on). The application is being
run in a secure environment so possible security
problems in forms is not an issue for me right now - more
important to get it working.

Regards
Ray

[DebbieB]

Logged In: YES
user_id=1145451

I have the same problem. The install was perfect, but I
receive the message:
Register_globals is currently on for your server. It must be
turned off for XRMS.(It is obsolete, and a security hole that
causes problems for XRMS.) Modify your php.ini file to turn off
register_globals.

I also cannot change the php.ini files.

[DebbieB]

Logged In: YES
user_id=1145451

Dear Ray, I don't know if you tried this already, but I
commented out the fatal error lines related to the global
functions in the: xrms/xrms/install/install.php file and so far
everything is just beautiful. This is a fantatic tool!

[Brian Peterson]

Logged In: YES
user_id=204919

register_globals=on sn't really a safe setting, especialy
for a production server.

The XRMS development team has made every attempt to make our
code safe with register_globals=on, but you should really
fix your other code. The PHP core has recommended
register_globbals=off for over two years now, so continuing
to use code in a production environment that is liklely to
be a security risk seems not all that smart.

Debbie's workaround will work, but we won't support you if
you have problems.

- Brian