While prototyping my db-driven website using Apache 1.3.23 + PPHP 4.1.2 + PostgreSQL 7.2 under the rpm distribution of Mandrake 8.2, I used the default "register_globals=on" setting.
As I'm nearing the end of protyping, I decided to switch "register_globals=off" by ediuting the php.ini file. Unfortunately, by doing so, I lost the connection to PostgreSQL: phpinfo() shows no settings for psql. Since it's a pre-packaged rpm, I've no way to change the default setting aside from editing the php.ini which then "breaks" PostgreSQL connection. I could source the whole mess, but since I'm nearing the end of protyping it seems like a waste of time. I've re-written most of my code to $_SESSION and $_POST to pick up the variables from the various pages. However, in order to test everything I've had to re-load PHP with globals again set to on. Now for the question: I would like to know whether the coding for the variables that I'm using now will work with $_SESSION and $_POST. For some reason, the only way to pick up the variables from a posted page is to use at the beginning of the page (after the initial <?php session_start(); ob_start(); ?>) $sfname = $_POST['sfname']; Now, in all the checking code that follows (to check for empty strings, html code, javascript commands, and bad words) I've reverted to: //snippet of code (<h5> is formatting for CSS stylesheet) if ($sfname == "") die ("<h5>blah, blah blah....</h5>"); This works with globals=on, and while I had it working (without a functional database connection) with $_POST and but not with $_SESSION (??). My question: will this work in "real-time" once I get connected again to the db? It's so frustrating having changed all the code to find that I really didn't have to. Btw: can anyone explain why "register_globals=on" is such a "bad thing"? I've read the security info, and they never really explained it. Sorry for the long post. I would greatly appreciate any assistance on this. Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php