I think you don't get me. I am not registering the password. Just I use $_SESSION['uname']=$uname; and I need to get the value $_SESSION['visnme'] in the next new page without passing the uname in the URL itself.( <form action="....?uname=$uname" ) as query parameter
What I need is that I want to fetch the value of $unme in the next page after login without passing it to next page. Ofcourse the solution is to use POST. I used POST to pass it to next page. That page is authentication.php where I check the uname and passwd and invoked header('...php?$visnme) function
From this page how can I pass $uname without using query parameters.
Thanks for the reply -murugesan
----- Original Message ----- From: <[EMAIL PROTECTED]> To: "php mailing list" <[EMAIL PROTECTED]> Sent: Wednesday, August 27, 2003 11:24 AM Subject: Re: [PHP] Cannot pass values from one page to another
Hi,one
Ok this is a major vulnerability that you are coding. Register globals on and password being stored in the session is like having a banner on your home page saying 'come and hack me'.
murugesan wrote:
>My register_globals in set to ON in php.ini file. >I cannot use HTTP_COOKIE_VARS because I need to pass the password from
expect>page to another. > >-murugesan >----- Original Message ----- >From: <[EMAIL PROTECTED]> >To: "php mailing list" <[EMAIL PROTECTED]> >Sent: Tuesday, August 26, 2003 7:13 PM >Subject: Re: [PHP] Cannot pass values from one page to another > > > > >>what's your register globals settings? >>did you try to retrieve from HTTP_COOKIE_VARS ? >> >> >>murugesan wrote: >> >> >> >>>Thanks for the message. >>>I looked into the manual. >>>But it is not working. >>>Ofcourse I used session_start in every pages. >>> >>>-murugesan >>> >>>----- Original Message ----- >>>From: "Jay Blanchard" <[EMAIL PROTECTED]> >>>To: "murugesan" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> >>>Sent: Tuesday, August 26, 2003 5:23 PM >>>Subject: RE: [PHP] Cannot pass values from one page to another >>> >>> >>>[snip] >>>I got this value in next page(main.php) >>>But from there I am not able to pass it to next page >>>I used >>>session_register('uid'); >>>in main.php >>>but in next page $uid is returning null >>>[/snip] >>> >>>First, look at the manual for sessions. You have posted many questions >>>where the manual would have provided you a solution. >>> >>>Are you placing session_start() at the top of each page where you
>>>session variables to be available? You should be... >>> >>>Have a pleasant day. >>> >>> >>> >>> >>> >>-- >>http://www.raditha.com/php/progress.php >>A progress bar for PHP file uploads.
_________________________________________________________________
Design your own holidays. Make memories that last a lifetime. http://www.flexihols.com/2003/index.php Enjoy!
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php