While prototyping my db-driven website using Apache 1.3.23 + PPHP 4.1.2 + 
PostgreSQL 7.2 under the rpm distribution of Mandrake 8.2, I used the default 
"register_globals=on" setting. 

As I'm nearing the end of protyping, I decided to switch 
"register_globals=off" by ediuting the php.ini file. Unfortunately, by doing 
so, I lost the connection to PostgreSQL: phpinfo() shows no settings for 
psql. Since it's a pre-packaged rpm, I've no way to change the default 
setting aside from editing the php.ini which then "breaks" PostgreSQL 
connection. I could source the whole mess, but since I'm nearing the end of 
protyping it seems like a waste of time.

I've re-written most of my code to $_SESSION and $_POST to pick up the 
variables from the various pages. However, in order to test everything I've 
had to re-load PHP with globals again set to on.

Now for the question: I would like to know whether the coding for the 
variables that I'm using now will work with $_SESSION and $_POST.
For some reason, the only way to pick up the variables from a posted page is 
to use at the beginning of the page (after the initial <?php session_start(); 
ob_start(); ?>)

$sfname = $_POST['sfname'];

Now, in all the checking code that follows (to check for empty strings, html 
code, javascript commands, and bad words) I've reverted to:

//snippet of code (<h5> is formatting for CSS stylesheet)
if ($sfname == "") die ("<h5>blah, blah blah....</h5>"); 

This works with globals=on, and while I had it working (without a functional 
database connection) with $_POST and but not with $_SESSION (??).

My question: will this work in "real-time" once I get connected again to the 
db? It's so frustrating having changed all the code to find that I really 
didn't have to. Btw: can anyone explain why "register_globals=on" is such a 
"bad thing"? I've read the security info, and they never really explained it.

Sorry for the long post. I would greatly appreciate any assistance on this.

Please pray the Holy Rosary to end the holocaust of abortion.
Remember in your prayers the Holy Souls in Purgatory.

May God bless you abundantly in His love!
For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to