Turn on register_globals from command line

I run an old PHP script from a command line like this:

php -d memory_limit=64M /my/script

Open in new window


How can I turn on register_globals for that?
LVL 16
hankknightAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

 
RobOwner (Aidellio)Commented:
use the -c option to specify a php.ini file you want to use and enable it in there
0

Experts Exchange Solution brought to you by ConnectWise

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
 
Dave BaldwinFixer of ProblemsCommented:
This http://us2.php.net/manual/en/ini.core.php#ini.register-globals says that you can't, it must be done in 'php.ini' or '.htaccess'.  "register_globals" is going away soon so if you need to keep that script, you may have to modify it to use it on new versions after PHP 5.3.
0
 
gr8gonzoConsultantCommented:
I second what Dave is saying. register_globals is going away for a good reason. It's always been a very large security risk, and if you're coming across scripts that depend on register_globals, it's in your best interests to spend the time to update them so you can turn it off for good.

Having it enabled puts all of your scripts at risk, even those that have been coded in a generally-secure way because having it enabled gives hackers the ability to set or override any variable they want in your script. That ability can be used in all sorts of ways to deface sites or even gain access to the value of your database connection credentials.

Just keep it off and fix the scripts - it's usually quicker to fix the scripts than you might think.
0
 
mc10Commented:
There's no point of using such an old script, if it still uses
register_globals

Open in new window

.
register_globals

Open in new window

allows your script to be hacked easier, as hackers can simply send a variable through another method (
$_GET

Open in new window

or
$_POST

Open in new window

) and bypass your script.

Search around the script, and replace any place where the script relies on
register_globals

Open in new window

to use more secure methods. Having old scripts on your server is a security risk.
0
 
Ray PaseurCommented:
See this article:
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_7317-Register-Globals-a-bad-idea-from-day-one.html

To simulate part of the effect of register globals you can extract() the superglobal arrays in the order given by variables_order.  But I'm firmly in the camp with the other experts here - fix the defective code that depends on register globals and do it sooner rather than later!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.