|
|||||||||
|
|||||||||
|
|||||||||
| |
|||
 |
|
|
|
|
|||||||||
|
|||||||||
|
|||||||||
| |
|||
|
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Display Modes |
Dev Articles Community Forums Sponsor:
|
|
Stay one step ahead of the competition. Evaluate and give feedback
on some of the hottest web development tools on the market today.
Make your opinion heard! Click
Here
|
|
#1
January 30th, 2003, 12:03 PM
|
|||
|
|||
Passing variables in URL
Hi,
When i run the following php script on my local machine it doesn't pass the variables in the URL but it will do it on my server. I am currently running Apache and mySQL locally. This is just a small example to show what the problem is. <html> <head> <title>Dev Page</title> </head> <body> <font face="Arial" size=2> <?php if(isset($add)) { // if the user wants to the database ?> <form action="index.php" method="POST"> <p>Type your text here:<br> <textarea name="text" rows="10" cols="40" wrap></textarea><br> <input type="submit" name="submit_text" value="SUBMIT"/> </p> </form> <?php } else { // default page display echo ("<p><a href='index.php?add=1'>Add some text</a></p>"); } ?> </font> </body> </html> Could anyone tell me why this is happening? Thanks
|
|
#2
January 30th, 2003, 01:09 PM
|
|||
|
|||
|
Its passing - you just need to retrieve the values the proper way. Your local machine is set with register_globals 'off' while your remote machine is set with register_globals 'on'. Retrieve your variables in both cases using ->
PHP Code:
You would obviously use the correct global, ie: $_GET, $_POST, $_COOKIE, $_ENV, $_REQUEST...
__________________
~ Joe Penn We work for free to help make this a valuable resource on the internet. Do you appreciate the help - did we provide help that will help you prosper and help that has contributed to sharpening your current skill set? Show your appreciation and purchase something from our Amazon Wishlist's - it's simple and a great way to say thank you.
|
|
#3
January 31st, 2003, 05:31 AM
|
|||
|
|||
|
I am just coming across this register_globals option. I had in switched on on my home Linux setup by default but then ported something to an online service and had to modify the httpd.conf file to get the scripts to work.
I have been told that its a security feature. What are the pro's and cons of turning register_globals on? Any advice much appreciated Thanks
|
|
#4
January 31st, 2003, 11:12 AM
|
|||
|
|||
|
The one feature of PHP that can be used to enhance security is configuring PHP with register_globals = off. By turning off the ability for any user-submitted variable to be injected into PHP code, you can reduce the amount of variable poisoning a potential attacker may inflict. They will have to take the additional time to forge submissions, and your internal variables are effectively isolated from user submitted data.
While it does slightly increase the amount of effort required to work with PHP, it has been argued that the benefits far outweigh the effort. Just an extract from the php manual. 
|
|
| Viewing: Dev Articles Community Forums > Programming > General Programming Help > Passing variables in URL |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
 |
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
