On Wed, 30 Apr 2003, Lee Daniel Crocker wrote:
The wiki uses
a number of non-standard options...
Actually, register_globals is the only thing you have to change
in php.ini to get the wiki running.
You also need iconv support compiled in, although for a latin-1-only wiki
that doesn't need to interact with incoming and outgoing links in UTF-8 it
_probably_ won't get triggered.
Sure, if you
use *uninitialized* global variables and assume they
can only have trusted values. Don't do that. :)
Hopefully. I'm not that confident that either we don't do that, or
that future coders won't do that, so I think avoiding the problem by
coding so that register_globals isn't needed is a good idea.
Yup. Like overflowing your buffers: nobody does it on _purpose_. :)
In SearchEngine.php, I used $_REQUEST[], because I
don't really
care whether the variables come from a GET or a POST.
Oh hey, I learn something new every day. :)
-- brion vibber (brion @
pobox.com)