I think you don't get me. I am not registering the password. Just I use $_SESSION['uname']=$uname; and I need to get the value $_SESSION['visnme'] in the next new page without passing the uname in the URL itself.( <form action="....?uname=$uname" ) as query parameter
What I need is that I want to fetch the value of $unme in the next page
after login without passing it to next page.
Ofcourse the solution is to use POST.
I used POST to pass it to next page.
That page is authentication.php
where I check the uname and passwd and invoked header('...php?$visnme)
function
From this page how can I pass $uname without using query parameters.
Thanks for the reply -murugesan
----- Original Message ----- From: <[EMAIL PROTECTED]> To: "php mailing list" <[EMAIL PROTECTED]> Sent: Wednesday, August 27, 2003 11:24 AM Subject: Re: [PHP] Cannot pass values from one page to another
Hi,one
Ok this is a major vulnerability that you are coding. Register globals on and password being stored in the session is like having a banner on your home page saying 'come and hack me'.
murugesan wrote:
>My register_globals in set to ON in php.ini file. >I cannot use HTTP_COOKIE_VARS because I need to pass the password from
>page to another.
>
>-murugesan
>----- Original Message -----
>From: <[EMAIL PROTECTED]>
>To: "php mailing list" <[EMAIL PROTECTED]>
>Sent: Tuesday, August 26, 2003 7:13 PM
>Subject: Re: [PHP] Cannot pass values from one page to another
>
>
>
>
>>what's your register globals settings?
>>did you try to retrieve from HTTP_COOKIE_VARS ?
>>
>>
>>murugesan wrote:
>>
>>
>>
>>>Thanks for the message.
>>>I looked into the manual.
>>>But it is not working.
>>>Ofcourse I used session_start in every pages.
>>>
>>>-murugesan
>>>
>>>----- Original Message -----
>>>From: "Jay Blanchard" <[EMAIL PROTECTED]>
>>>To: "murugesan" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
>>>Sent: Tuesday, August 26, 2003 5:23 PM
>>>Subject: RE: [PHP] Cannot pass values from one page to another
>>>
>>>
>>>[snip]
>>>I got this value in next page(main.php)
>>>But from there I am not able to pass it to next page
>>>I used
>>>session_register('uid');
>>>in main.php
>>>but in next page $uid is returning null
>>>[/snip]
>>>
>>>First, look at the manual for sessions. You have posted many questions
>>>where the manual would have provided you a solution.
>>>
>>>Are you placing session_start() at the top of each page where you
>>>session variables to be available? You should be... >>> >>>Have a pleasant day. >>> >>> >>> >>> >>> >>-- >>http://www.raditha.com/php/progress.php >>A progress bar for PHP file uploads.
_________________________________________________________________
Design your own holidays. Make memories that last a lifetime. http://www.flexihols.com/2003/index.php Enjoy!
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
