Many people are hosted on systems that have register_globals On and don't have the ability to turn it off. If they are lucky they can use an .htaccess file.

I suggest you have at lest one .htaccess file in the XOOPS root dir with:
================
php_value register_globals 0
================

You can then us a phpinfo() file to verify the settings. A quick easy trick is to put a typo in .htaccess and see if you get an error page, then you know if .htaccess is being parsed. If you can't do either and the settings are insecure than I'd consider a new provider.

If you have a module that must use register_globals On and you're willing to risk it then place an .htaccess file in that module's dir with:
====================
php_value register_globals 1
====================

The value is only valid from that module's path and deeper.

hey another one!
Today my site desapear I went in and there was only ome file left mainfile.php I send a mail to support and they restore it at no cost, but then i upgraded to 2.0.6 (the site was again fully functional) and I cannot log in! No body can login what can I do??

thanks