Register Globals On. Security Threat?

[thespursfan]

I am not the expert php programmer, but I do know that the makers of php have started setting register globals to OFF by default for a reason in the newer php versions.
Apparently it's somewhat of a security risk to leave it enabled.
I was wondering if this would lead to any sql injection attacks or leave my database and site vulnerable? Has there been extensive testing about security with indexu?
I'd hate int invest all this time to build a large directory, only to see it hacked.
Thanks for the assistance.

[inspireme]

I have tried sql injection, php injection, and a few other common hacks on my site but the abstraction layer of indexU strips out ' which helps. Some guy came on here a few months ago and said it had php injection faults but he never said how and where... Its as secure as any other scripts I have used - The biggest assurance I can give you is I couldnt hack it, and nobody has ever said they have had a hacked site because of indexU (to my knowledge)

To be on the safe side backup the DB weekly - not only incase of hacking but incase of your hosting company shutting its doors without telling anybody (experience speaking), or just data corruption.

[thespursfan]

Will do. That puts my mind at ease a little more. I'll definitely be backing up the db regularly.
Thanks for the info!

[landuyt]

backups rule !

i have even a second mysql database ready on my server so if there is a problem i just change it to that one.

[thespursfan]

Landuyt,

How do you go about having a second db ready to move to if the primary one gets corrupted somehow?
Do you just change the database name in the configuration files somehow if you ever needed to?
Thanks.

[landuyt]

yes that's basicly it... i just make a quick rename to backup_name_db in application.php and i have all things running again. it gives me time to solve the problem in the corrupted one. not that i need it very often

and i even have a full backup on my usb stick ( password protected of course )..... you never know....

so if i'm on the road, one internet café is all i need.

[thespursfan]

I see. Do you make daily backups manually (via phpMyAdmin I suppose), or have a script that backs up the database, and saves the output sql file to your server, and then you can download from there?

[landuyt]

i have cpanel installed on my server. But there are a lot of ways to make backups
you can even make backups via your admin in indexu ( i never did it, but i suppose it works well )

and if you can do cron jobs, you can even send every day a backup to your mail. ( i 'm not familiar with this, but i bet there are some here at the forum )

i make backups every day.

[thespursfan]

Cool. Thanks for the info!

[inspireme]

every time i backup my DB using cpanel the site goes down for 5 minutes.

No idea why... I used the indexU backup facility and its fine.