How to Enable Register Globals in PHP 5

If you understand the potential security risks but you still need to run PHP with register_globals ON there are a couple of ways to do it.

If you have access to the servers php.ini then its fairly easy, however if you don’t have access to that file or if you are not willing to make this change server wide then there are other ways to go about it.

php.ini

In your servers php.ini simply set.

register_globals=1

.htaccess

If you don’t have access to your servers php.ini file, you may be able to create/edit a .htaccess file in the same folder as your php file. Simply add this code:

php_flag register_globals 1

coded solution

If neither of the solutions above are available to you, then you need to get your hands a little bit dirty. The following code was submitted to the PHP Manual by Ruquay K Calloway. Simply add the following to the top of your PHP script:

include('register_globals.php');

register_globals();

And then add the following into register_globals.php:

/**
 * function to emulate the register_globals setting in PHP
 * for all of those diehard fans of possibly harmful PHP settings :-)
 * @author Ruquay K Calloway
 * @param string $order order in which to register the globals, e.g. 'egpcs' for default
 */
function register_globals($order = 'egpcs')
{
    // define a subroutine
    if(!function_exists('register_global_array'))
    {
        function register_global_array(array $superglobal)
        {
            foreach($superglobal as $varname => $value)
            {
                global $$varname;
                $$varname = $value;
            }
        }
    }
   
    $order = explode("\r\n", trim(chunk_split($order, 1)));
    foreach($order as $k)
    {
        switch(strtolower($k))
        {
            case 'e':    register_global_array($_ENV);        break;
            case 'g':    register_global_array($_GET);        break;
            case 'p':    register_global_array($_POST);        break;
            case 'c':    register_global_array($_COOKIE);    break;
            case 's':    register_global_array($_SERVER);    break;
        }
    }
}
/**
 * Undo register_globals
 * @author Ruquay K Calloway
 */
function unregister_globals() {
    if (ini_get(register_globals)) {
        $array = array('_REQUEST', '_SESSION', '_SERVER', '_ENV', '_FILES');
        foreach ($array as $value) {
            foreach ($GLOBALS[$value] as $key => $var) {
                if ($var === $GLOBALS[$key]) {
                    unset($GLOBALS[$key]);
                }
            }
        }
    }
}
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s