- it
doesn't work if register_globals options is off (which is
a default in newer versions of PHP)
The wiki uses a number of non-standard options...
Actually, register_globals is the only thing you have to change
in php.ini to get the wiki running.
- it is
considered to be a security risk
Sure, if you use *uninitialized* global variables and assume they
can only have trusted values. Don't do that. :)
Hopefully. I'm not that confident that either we don't do that, or
that future coders won't do that, so I think avoiding the problem by
coding so that register_globals isn't needed is a good idea.
My questions:
a) is there any special reason it's being done this way in Wikipedia?
Force of habit.
Don't forget laziness. :-)
Sure, please send patches. $_GET / $_POST are ugly as
heck, but
it's theoretically a better coding practise.
In SearchEngine.php, I used $_REQUEST[], because I don't really
care whether the variables come from a GET or a POST.
--
Lee Daniel Crocker <lee(a)piclab.com> <http://www.piclab.com/lee/>
"All inventions or works of authorship original to me, herein and past,
are placed irrevocably in the public domain, and may be used or modified
for any purpose, without permission, attribution, or notification."--LDC