On Tue, February 20, 2007 10:32 am, Otto Wyss wrote: > I've an input field in a form > > <input name="username" type="text" ... > > and with register_global I can use this field in PHP as variable > $username.
You really really should turn OFF register_global for new code development... > Yet if I use a session variable > > $_SESSION['username'] = 'value' > > the variable $username gets the same value. On the other side when I > enter a value in the input field, the session variable isn't changed. > So > how can I set the session variable from the input field after it has > changed? If you want to sort out the mess of which variables are coming from where, use $_POST and $_SESSION and $_GET instead of $username You should not blindly put POST/GET data into your SESSION data. NEVER trust user-supplied data. Start reading about that here: http://phpsec.org/ > > O. Wyss > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- Some people have a "gift" link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
