I ♥ register_globals

I am aware that there are some things so shocking that you are not supposed to say them in polite company “Hitler had some good ideas”, “Tori Spelling is really pretty” or “I think I look really good in a beret” are all ideas so confronting that they are best kept to yourself regardless of how strongly you believe them.

I have a similarly shocking sentiment that I feel I have to share.

I really like register_globals in PHP.

There, I’ve said it. I can go away and order my I register_globals shirt now.

I (heart) register_globals

Sure, choosing to mingle untrusted user data and internal variables is a bad idea. Sure, if you are too lazy to initialise important variables with a starting value it gives you one extra way to shoot yourself in the foot. Sure, polluting global scope with form variables is going to be a mess in a larger app.

There remains something to be said for simple, elegant, readable ways to shoot yourself in the foot. PHP, like any reasonably complete programming language provides a whole host of other ways, so removing one is not particularly useful.

I used to teach PHP to beginners as a first programming language. I have introduced a few thousand complete novices to programming via PHP.

With register_globals on, this example is a short step from the “Hello World!” example:

<?php
if($name)
{
 echo "Hello $name";
}
else
{
 echo
  '<form>
   Enter your name: <input type="text" name="name">
   <input type="submit">
  </form>';
}
?>

It flows nicely from a “Hello World!” example. It can introduce variables and control structure if you did not provide an even softer introduction to them. It can be turned into an example with a practical use without making the code more complex.

This version may not look very different to you:

<?php
if($_REQUEST['name'])
{
 echo "Hello {$_REQUEST['name']}";
}
else
{
 echo
  '<form>
   Enter your name: <input type="text" name="name">
   <input type="submit">
  </form>';
}
?>

To an experienced eye, the two versions are almost identical. The second requires a little more typing, but nothing to get excited over.

To a complete beginner though, the second is a couple of large leaps away from the first. To understand the second version, somebody has to understand arrays, and PHP string interpolation. Both of these are important topics that they will have to come to in their first few hours of programming, but without register_globals, they stand in the way of even the most trivial dynamic examples.

I miss being able to assume register_globals as default behaviour. It made the initial learning curve far less steep. It made little examples cleaner and more readable. Like most safety measures, it does not really protect people who are determined to get themselves into trouble anyway. People who don’t understand the reasons behind it just run extract() or some code of their own to pull incoming variables out anyway. The user submitted comments in the manual used to be full of sample code for doing exactly that.

Oh, but just a side note to all beret wearing white supremacist Tori spelling fans, just because I am willing to speak up for one unpopular cause does not mean I am interested in yours. Sorry.

12 Responses to “I ♥ register_globals”

  1. Mgccl Says:

    not safe…
    it’s easy to write a script emulate register_global… no need to turn it on in PHP
    a script read though the $_REQUEST or w/e other array and turn them into variables…
    I wrote one here
    http://mgccl.com/2007/01/26/register-globals-inactive-and-you-want-its-function
    but I believe there is a faster way… use extract() or something…
    I believe there are ways to let php include a file even if it’s not specified for inclusion

  2. Avery Says:

    http://www.mobile.generationip.com/dig-or-nslook-up?_dig_host=proxykat.net&_dig_val=a&_dig_enter=yes

  3. sephora printable coupons Says:

    Williams Sonoma coupons bring about significant savings in items and shipping costs.

    The really neat thing about this palette is that there’s lots of shades for every occasion, day to evening.
    Steer clear of SEO experts who want to charge $1,000 per month or more.

  4. Clothing websites for Teens Says:

    Αw, this was aan extremely good post. Finding the time and
    actual effort to make a top notch аrticlе… but wyat
    can I say… I put thionɡs off а lot and don’t seem to get anytning done.

  5. mobila bucatarie Says:

    I simply couldn’t leave yolur website prior to suggesting
    that I really enjoyed the standard info an individual supply on
    your visitors? Is going to be back often in order to investigate cross-check new posts

  6. Silke Says:

    Initially this software was developed by Alias Systems Corporation and currently it
    is developed by the Autodesk Inc. HP Elite
    - Book 8730w (Nvidia Quadro FX 3700M) Elite - Book 8730w (Nvidia Quadro FX 2700M)
    Elite - Book 8730w (ATI Fire - GL v5725) Elite - Book 8530w (Nvidia Quadro
    FX 770M) Elite - Book 8530w (ATI Fire - GL v5700).
    Even with the basic editor (FREE), users are able to utilize the tools and become familiar to
    the software.

  7. Hgh For Sale Ulta Says:

    Heya i’m for the first time here. I came across this board and I find
    It truly useful & it helped me out a lot. I
    hope to give something back and help others like you aided me.

  8. hgh factor for sale Says:

    ӏ seldom write remarkѕ, however i did a few searching and wound up
    here Some Guy Ranting

  9. natural remedies for nasal polyps Says:

    This blog was… how do I say it? Relevant!!
    Finally I’ve found something that helped me.
    Thank you!

    Also visit my web-site :: natural remedies for nasal polyps

  10. the best easiest way to cure a yeast infection Says:

    I was suggested this web site via my cousin. I’m noo longer certain whether this publish is written via himm as no one else
    know such particular approximately my difficulty.
    You’re amazing! Thank you!

  11. Testosterone Therapy Says:

    Saved as a fɑvorite, I love your web site!

  12. testosterone booster Says:

    I’Ԁ like to find out more? Ι’d want to find out more detɑils.

Leave a Reply