For most apps, including phpBB and vBulletin (for example), store the "look and feel" inside of dedicated style HTML table docs, or in CSS. Mostly in CSS, for several years now.
Knowing PHP is really important for simple look-and-feel type changes.
Coppermine is a pretty well-known PHP gallery script, and I'm pretty sure it uses CSS for most of its design. Maybe some tabling in the backend admin options.
These better scripts usually make it easy to edit, not hard.
Continued from the email...
Quote:
This came up on my site too. The PHP setting register_globals is enabled on your server, which is a bad idea in terms of security. It's strongly recommended to turn it off.
What does this mean?
thankx
|
register_gloabels adds variables to your scripts on that server, in anticipation of things you might do with your scripts. This was a "feature" of early PHP versions, but it proved unsafe. It was intended to help develop easy scripts for people that may not quite understand PHP.
Hackers use it as an opportunity to inject values into a web script. A number of exploits are based on setting global variables to values that caused hacker software to load and run.
Some scripts have an internal configuration option to turn it on or off, which works independently of how PHP is configured. The preferred choice is to turn it off, and ideally also have PHP configured with register_globals set to no.
Some old software may not run in this "no" environment, so the option to turn on register globals was provided -- but its use is not recommended. The best approach is to replace software that needs register globals, or get someone to update it.
Hosts often have register_globals turned off in the PHP configuration, being a good policy for a secure server and site.
In basic terms, turning on register_globals is a big "HACK ME!" sign.