With total disregard for any kind of safety measures "Adams-Blake
Co." <atakeoutcantonadams.takeme.out.-blake.com> leapt forth and
rm ./geeklog -r> I know that having register_globals=ON is a security risk and we
> have it OFF.
> We want to use the GeekLog content manager and it only works
> with ON.
> Can someone give us some coding tips on how to mitigate any
> possible security problems if we turn it on? I know it has to do
> with a querystring that is same as a variable name being sent in
> the URL. How can we prevent that and still leave globals ON?
> Anyone have some simple magic?
Thats the only sure way.
What is geeklog anyway? Have you looked into something else like
There is no signature.....