=== modified file 'includes/bootstrap.inc'
--- includes/bootstrap.inc	
+++ includes/bootstrap.inc	
@@ -135,8 +135,16 @@ function conf_path() {
  * Loads the configuration and sets the base URL correctly.
  */
 function conf_init() {
-  global $db_url, $db_prefix, $base_url, $base_path, $base_root, $conf;
+  if (ini_get('register_globals')) {
+    $allowed = array('_ENV' => 1, '_GET' => 1, '_POST' => 1, '_COOKIE' => 1, '_FILES' => 1, '_SERVER' => 1, '_REQUEST' => 1, 'access_check' => 1);
+    foreach ($GLOBALS as $key => $value) {
+      if (!isset($allowed[$key])) {
+        unset($GLOBALS[$key]);
+      }
+    }
+  }
 
+  global $db_url, $db_prefix, $base_url, $base_path, $base_root, $conf;
   $conf = array();
   require_once './'. conf_path() .'/settings.php';