register_globals just automatically sets all superglobal variables (i.e. $_POST and $_GET) to normal variables like $name and $author.
Take this page, for instance, that you want no one but those logged in to access. register_globals is on and the session variable is $name.
else header("Location: error.php");
Say this page is index.php. If someone access it like this: index.php?name=whatever then $name will be whatever, and anyone could access the page that way. The easiest workaround is to turn off register_globals and access superglobals with $_POST, $_SESSION, etc.