Jump to content

register_globals


xxkylexx

Recommended Posts

  • WHMCS CEO

No,

 

Register Globals is a requirement in order to run WHMCS. Register Globals alone is no security issue. The myth that states it is an issue is one that's been around for a long time but is not really true. There is only ever an issue if there is bad coding. Say for example the user authentication system for the admin area was simply:

 

if($authorised){ dosomethingsensitive(); }

 

Then of course a user could just do ?authorised=true on the end of the URL and then they've got access to run a command, but it's not. All input by WHMCS is properly checked and validated before being used and there aren't any kind of loopholes like that in the login system.

 

There is no need to worry having Register Globals on in your WHMCS directory.

Link to comment
Share on other sites

  • 1 month later...

My host suggested that I put the following in a php.ini file in the public_html folder:

 

register_globals = On

 

I did this and the install still says that the register globals test failed. Is there something I have wrong here or another way to do this?

 

Thank you

Link to comment
Share on other sites

  • WHMCS CEO

Using php.ini files like that only enable register globals in the folder you put them in. For WHMCS to function properly, you would need to put the same php.ini file into every one of your WHMCS folders.

 

Matt

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated