Enable register_globals using .htaccess
By default, our server has register_globals set to 0. This is for security reason.
You can modify the setting by adding the line to the htaccess file:
1) Log in to cpanel >> file manager >> /www/
2) Click on .htaccess
3) Click on Edit File on the top right
4) Add the line: php_value register_globals 1
However, you should understand the implications of the modification to certain extent.
——————————————
Below is an example of application with security loophole that is prone to attack by hackers.
if (isset($submit)) {
$logged_in = yes;
Application runs…
}
Instead of using $submit, you should use $_POST[’submit’] if the variable is posted from a form. This specifies exactly where the variable comes from.