Having recently switched from php 4.0.0 to 4.2.3 I quickly realized the change in variable handling. I still experience problems using the $_POST and $_GET globals so I currently have my register globals ON so I can have the ability to pass variables from page to page without using the $_POST and $_GET methods although I would really like to use them.
My current project has me creating a login interface for users to access a form and file upload tools. I am using only 1 set of scripts for everyone. Each user is assigned a path to their file area and these records are kept in a MySQL database along with username, password and contact info. As Each page is loaded the ID variable is checked and table data is then loaded for them for use on that page. If the ID variable is null they are given an error and redirected to the login page. This is to keep them from bookmarking the index page for the tools. My question is this: If I were to turn off register_globals and use the $_POST and $_GET methods, what are the chances of a user getting someone else's variable information using only one set of scripts for all. There could be up to 700 people using the script at any given time. Cookies are not an options as many users may have them turned off and sessions have never worked for me or at least I have never figured them out to work the way I think they should. TIA, Ed -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
