I upgraded to the latest security patch 6.1.3

it should always be set to off,

Hey CampethoMedia,

Register Globals should always be off. This isn't related to dolphin but your host. If they have it set to on you are asking for trouble.

Some old scripts suggest it on, and you can do this with .htaccess or php.ini overiding your host, but this is not recommended.

If your host does have it on, you should either override it and turn it off with .htaccess or php.ini if you can. or simply find a new host. Register globals on has the posibility to inject anyscript with some see more not so good stuff.

If you want to verify your globals or learn how to turn them off try this:


http://www.dialme.com/articles/entry/SafeHTML-Remote-File-Inclusion

I installed 6.1.3 on my 1&1 server and got nailed through remote inclusion - db.php and error.php. 1&1 says php 5.0 has register globals set to off. Does 6.1.4 take care of denying inclusion or do I need to edit some files? Thanks

I used the fix and got the following error when I try to navigate to my site (ver. 6.1.4):

Parse error: syntax error, unexpected T_VARIABLE, expecting ',' or ';' in /homepages/8/d178253148/htdocs/michaelshehi/family/ray/modules/global/inc/content.inc.php on line 228

Any Ideas?