Hm, i think i might just rewrite the thing in OOP, i know how ( to a degree ).
Printable View
Hm, i think i might just rewrite the thing in OOP, i know how ( to a degree ).
There is NO reason to say globals are more unsave then locally defined variables, hell, in most languages with variable scope fallback there is no reall distinction whatsoever. Any sniffer program would just as easy snif locally defined variables, true they tend to live shorter but to a good sniffer that makes no destinction whatsoever.
PHP CANNOT read memory blocks created by other instances. Its the way its build. If that were the case, all I needed to do to hack -any- website is get an account with the same hosting provider, you'd think people'd notice something like that happening ;)
Not using globals because they are unsafe is like not walking down a street because martians could come crashing down from the sky and offer you icecream - although theoretically possible, it doesn't have any reall-life meaning whatsoever.
Lastly, even if a program could sniff variables, what difference would it make? If you're coding correctly you NEVER use plain-text passwords on your scripts, and the only reason to put information in globals is because its -very- general information, like errors or output settings, information thats freely available anyway.
Yes, there is something to be said about security, but you're just being silly here. If you want someone to make save websites, teach them about SQL injections, XSS exploits, PHP.ini settings, etc. Don't make them waste time on stuff like this.
And yes, I know for a fact that my webserver is free from mallware. Its a clean windows 2003 install, with all servicepacks and updates, behind a NAT that only allows trusted traffic trough certain appointed ports, and with only trusted applications installed on it. There is no way in hell its infected by mallware.