I too would like to disable register_globals. We don't have access to the php.ini file, eh?
The site in question is PHP 4.4.2, with Extra Web Security.
I've read a few things in here and in the DH wiki about running PHP as a CGI to disable register_globals. How do I do this? From the web panel > domain name, the only options I am presented with are Extra Web Security and Fast CGI. Should I turn off Extra Web Security and turn on Fast CGI?
I have an .htaccess file in the root dir with
php_flag register_globals off
but it ain't doing squat.
The site runs a v.1 of Gallery and an older (free) MovableType, and 1.5.x of WordPress. Could I safely switch to PHP5 with these apps?
How to disable register_globals? (kind of shocking that DH defaults it to ON, if you ask me.)