Having recently switched from php 4.0.0 to 4.2.3 I quickly realized the
change in variable handling. I still experience problems using the $_POST
and $_GET globals so I currently have my register globals ON so I can have
the ability to pass variables from page to page without using the $_POST
and $_GET methods although I would really like to use them.

My current project has me creating a login interface for users to access a
form and file upload tools. I am using only 1 set of scripts for
everyone. Each user is assigned a path to their file area and these
records are kept in a MySQL database along with username, password and
contact info. As Each page is loaded the ID variable is checked and table
data is then loaded for them for use on that page. If the ID variable is
null they are given an error and redirected to the login page. This is to
keep them from bookmarking the index page for the tools.

My question is this:

 If I were to turn off register_globals and use the $_POST and $_GET
methods, what are the chances of a user getting someone else's variable
information using only one set of scripts for all. There could be up to
700 people using the script at any given time. Cookies are not an options
as many users may have them turned off and sessions have never worked for
me or at least I have never figured them out to work the way I think they



PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to