At 9/27/2002, you wrote: >Erwin <mailto:[EMAIL PROTECTED]> scribbled; > > > > Qmail List wrote: > >> Hello List, > >> > >> I'm putting a php app that has been off-line for about 18 months back > >> on-line. During my absence from php I had heard about some security > >> issues, so figured I'd try the latest 4.2.3 release. > >> > >> Sessions and the DB are fine, but GET/POST vars are continually > >> empty. I mean a form submission from .html to .php (about the > >> simplest thing possible) the variables are not getting populated with > >> their form values. > > > > Turn register_globals = On in the php.ini file... > > > > HTH > > Erwin > >Or better yet, actually use the new $_GET[] and $_POST[] and leave that >option off.
If you want to make the script compatible both with register globals=off and work with old AND new PHP versions, use $HTTP_POST_VARS and $HTTP_GET_VARS. Manual says they are deprecated, but there is no reason to presume they are removed from PHP any time soon. And if that day comes it's a few minutes task to search and replace all sources to convert them to $_GET and $_POST. For commonly used $PHP_SELF I use this: if (isset($_SERVER)) $PHP_SELF = $_SERVER['PHP_SELF']; $scriptname = basename($PHP_SELF); This way users don't have to select from two source versions, one > PHP 4.1.0 and one < 4.1.0. ------------------------- Pekka Saarinen http://photography-on-the.net ------------------------- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
