I recently have experienced the same thing in upgrading from 4.0.0 to
4.2.3
All variables are now stored globally and can only be retrieved using
$_POST['var'] or $_GET['var'] declarations
i.e.
$username = $_POST['username']; or get if your method was get in the
form.
On Fri, 27 Sep 2002, Qmail List wrote:
> Hello List,
>
> I'm putting a php app that has been off-line for about 18 months back
> on-line. During my absence from php I had heard about some security issues,
> so figured I'd try the latest 4.2.3 release.
>
> Sessions and the DB are fine, but GET/POST vars are continually empty. I
> mean a form submission from .html to .php (about the simplest thing
> possible) the variables are not getting populated with their form values.
>
> Actually, phpinfo() does show the variables and their values if I throw it
> in the .php file. But tailing the mysql log shows the following:
>
> SELECT * FROM users WHERE username='' AND password=''
>
> from this code.
>
> $query = mysql_query("SELECT * FROM users WHERE username='$username' AND
> password='$password'");
>
>
> Regards, Thx
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
