Things to define in PHP.INI when doing FORMS

[Anonymous]

I heard that there are things to be done before doing <FORM . You have to check the register_globals, magic_quotes and so..
Can anyone tell me more. I cannot find it in books
TQ

 

[Anonymous]

register_globals http://www.php.net/manual/en/security.registerglobals.php

turning both of them on is basically for lasy programmers who would rather have thier scripts functional rather than being safe.

if register_globals is turned on
example:

an undefined variable $variable can be defined in the url http://blah.com/index.php?vairable=foobar

if register_globals is turned off the undifined variable would be null and the parameter defined in the url would reside in the $_GET['variable'].

get what I mean?