Jump to content



Recommended Posts

in the 1.0.7 version of cubecart and the new 3.0.0 is register_globals beeing used in this? as I have found some information that say's they have security holes..

Here is what I found....

there are numerous ways around register_globals=off, but it is down to the script producer to write code that keeps up with known security holes, and if your scripts have not been updated you need to talk to the authors

register_golbals security hole has been known about for over a year and this should have been known by all php authors, it is only now we have

noticed the users abusing the servers using it and so it is only now

we have had to turn it of to secure our servers and your accounts

there is no way we can turn register_globals back on, due to the secrity issues it will cause, I'm sure you know what we mean.

due to the recent trojan attack on 40,000 sites on the web, we would be lacking in the duty to all our customers to leave open a open door for hackers to abuse our servers and your sites.

Please let me know A.S.A.P


Link to comment
Share on other sites

look in the downloads there is a patch for 2.0.7 to let it work with register globals off. Look at this thread for the background on this mod.

having Register globals ON is a well known security flaw. Brooky is well aware of this and has said from the start that cc3 will work with globals off.

I still maintain that even with globals ON, a well written script will still be totally secure. your host is jumping on the bandwagon of switching globals off. I am glad my host is more understanding.

Edited by sculptex
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...