Posted: Tue Apr 06, 2004 9:17 am Post subject: Basic understanding of session and register_globals

--------------------------------------------------------------------------------

Hi all,

I am new with php and the web. I have done some programmings
but nothing to a point that I would be able to understand what is
needed to have a website that is secure. Meaning a login page
and tracking sessions to ensure the user is valid on each page.

I have done some simple php script that will take the username
and password and validating against the database, but the more
I read about the web security the more I fear that my idea would
be too easy to get around.

I read little bit about php and the use of sessions but then
I am confused because it said if I don't turn on the
register_globals I can not use it, but if I turn this on in my
php.ini it is not safe.

Can someone please help clarify this.

Greately appreciated any help you can provide.

Regards,