Misreporting register_globals for PHP 5.5?

ryoken · Post by **ryoken** » 11 Aug 2013, 16:12

I recently setup cPanel and built EasyApache with Apache 2.4.6 & PHP 5.5.1. After installing CSF v6.30 and running Check Server Security, "Check php for register_globals" is coming up as "WARNING".

I opened /usr/local/lib/php.ini and confirmed it contained the following lines:

Code: Select all

; You should do your best to write your scripts so that they do not require
; register_globals to be on;  Using form variables as globals can easily lead
; to possible security problems, if the code is not very well thought of.
register_globals = Off

I also ran "php -i", but "register_globals" is not shown anywhere in the output. Perhaps this is because PHP 5.5 has completely dropped support for register_globals?

--
Edit: Just had a look at the changelog and found a hint - for CSF v5.61 there is "Skip checks for register_globals and suhosin if running PHP v5.4.* in Server Check report". Perhaps this feature should be extended to PHP 5.5.x as well?

Post by **ForumAdmin** » 16 Aug 2013, 10:34

This has been implemented in csf v6.31:
http://blog.configserver.com/?p=1978

ryoken · Post by **ryoken** » 17 Aug 2013, 07:27

Thank you very much!

ConfigServer Community Forum

Misreporting register_globals for PHP 5.5?

Misreporting register_globals for PHP 5.5?

Re: Misreporting register_globals for PHP 5.5?

Re: Misreporting register_globals for PHP 5.5?