On Monday 22 April 2002 09:50 am, you wrote: > On Friday, April 19, 2002, at 09:41 PM, Andre Dubuc wrote: > > Is there a way I can verify that (a) globals are off and (b) $_SESSION > > or > > $_POST are on? This probably what's happening -- I can't access the > > arrays at > > all -- so, I think that might be where the problem lies. The $vars > > still work > > though throughout all scripts. > > $_SESSION and $_POST and other superglobals are already on all the time > if you use PHP 4.1.x or later. > > Verify that globals are off by writing a script that checks the for the > presence or the value of $variable and then pass "variable=1" or > something on the querystring in your browser. > > > Erik >> > ---- > > Erik Price > Web Developer Temp > Media Lab, H.H. Brown > [EMAIL PROTECTED]
Thanks Eric, Sorry about the delay in replying. I was at a funeral today. I tried what you suggested, and indeed globals are off. Perhaps my problem stems from my use of the $_GET[] with $vars. I guess I don't really understand what I'm doing. If you would take a peek at this code [I think I've introduced a security hole, and I'm mixing up things]: On page 1: <?php session_start(); ob_start(); ?> // ob_start(); so I can have html headers on this page & redirect later // some other code <form action="page2.php" method="get"> <?php // The following line is where I think I've caused myself grief. <input type=text size=20 name=bozo> // many other lines of code <input type=submit name=submit value="Agree"> ?> On page 2: <?php session_start(); ob_start(); ?> // ob_start(); so I can have html headers on this page & redirect later // some other code <form action="page3php" method="get"> <?php $bozo = $_GET['bozo']; /* Now is this correct? Am I exposing 'bozo' to a security hole? For the rest of the script, with each $_GET['var'] from the previous page I do the same. Somehow, I don't think I've grasped what to do with $vars. From my reading elsewhere, should I, for example, in page 1 use something like : <input type=text size=20 name="<?php echo $_SESSION['bozo'] ?>"> Once I figure out how I'm supposed to write the variables in the scripts, I'll be OK. But I'm so CONFUSED! */ if ($bozo == "") die ("Please enter your 'First Name'. <br><br> Click 'Back" in your browser to enter this information."); // new input variable unique to page 2 <input type=text size=20 name=dodo> // other code: including an "if $level" statement that checks for level of registration and redirects, using header("location . . .") session_write_close(); // to allow the header through header("location:page 3.php"); ?> On page 3: <?session_start(); ob_start(); ?> <?php /* This page is actually a confirmation page, I've tried to collect the info from page 1 ($bozo) and page 2 ($dodo) and print them to screen as in */ $bozo = $_GET['bozo']; $dodo = $_GET['dodo']; print $bozo $dodo; /* I've also tried $_SESSION['bozo'], $_GET['bozo'], left out the '$bozo = $_GET['bozo']' etc, etc, etc. -- I don't know what I'm doing here!! Help! ! */ ?> {Btw, I've used "bozo" and "dodo" since it's easier to spot the diffference than what I actually use for the field :>] Tia, Andre -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the Holy Souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php