using $_POST

Hi guys,

I have a doubt here,, hope somebody could help me..

I seen some people use $_POST['name'] to capture the input from a form(method = post)... but most of the time, i just capture the input by using $name... without putting the $_POST... and i dun see any prob with it...

does it make any difference if i put $_POST.. it is used only for session purpose or there is certain purposes that i would have to explore ???

please advise..

It all depends on how your php is set up, depending on your register_globals setting (in php.ini)
Pre php4.2.0 this setting was ON as default, This ment Environment, GET, POST, Cookie and Server variables were registered as global variables. I.E. you could use $name to access $_POST['name'].
From php4.2.0 register_globals is turned OFF by default. This means on newer setups $name will not work, but $_POST['name'] will.
So for your current php setup your code will work fine, but it would not work on a lot of servers.
The default setting of register_globals was changed mainly for security reasons, for example for the following code (lifted from the php manual)
In the above example, $authorized was not set to false if the user was not authenticated, thus if auth.php was called with GET auth.php?authorised=1 then $authorised would be true from the begining, so anyone would be authorised. See the php manual's security chapter on Using register_globals for related information. ( http://www.php.net/manual/en/securi...sterglobals.php )

For these reasons it is porbably best to get used to typing $_POST['name'], this will allow better portability (if you move web host, give someone you script / sell your script) stop annoying little errors and imporve security.

There are more ways to improve portability for example use <?php ?> insetead of <? ?> or <% %>.

There should be an article on imporiving portability someware, look at http://www.devarticles.com/art/1/65 for example.

Hope this clears up a few matters.

also see this thread:
Register Globals (How It Works)

its always a good idea to use $_POST though. If you have a long script it could get tricky to remember what these vars are holding.
When i assign a value that is coming from a form the $_POST helps me remember ahh this is coming from a form. Also my comments help me remember too.

If you don't specify where the data should come from, you allow people to "play" with your variables from the querystring when you assume that they are from a "form" or the other way...