[UPHPU] $GLOBALS and global best practices
Steve Meyers
steve-uphpu at spamwiz.com
Mon Nov 7 15:12:22 MST 2011
On 11/7/11 3:05 PM, Daniel C. wrote:
> Not necessarily. The old import() function appears to be gone (thank
> goodness) but we still have import_request_variables() and extract()
> which appear somewhat better than import() but could still potentially
> land you in the same boat:
>
> http://us.php.net/manual/en/function.import-request-variables.php
> http://us.php.net/manual/en/function.extract.php
Yes, but we're still operating under the assumption that security
doesn't matter, since you're importing arbitrary variables into your
namespace.
Steve
More information about the UPHPU
mailing list