While prototyping my db-driven website using Apache 1.3.23 + PPHP 4.1.2 +
PostgreSQL 7.2 under the rpm distribution of Mandrake 8.2, I used the default
"register_globals=on" setting.
As I'm nearing the end of protyping, I decided to switch
"register_globals=off" by ediuting the php.ini file. Unfortunately, by doing
so, I lost the connection to PostgreSQL: phpinfo() shows no settings for
psql. Since it's a pre-packaged rpm, I've no way to change the default
setting aside from editing the php.ini which then "breaks" PostgreSQL
connection. I could source the whole mess, but since I'm nearing the end of
protyping it seems like a waste of time.
I've re-written most of my code to $_SESSION and $_POST to pick up the
variables from the various pages. However, in order to test everything I've
had to re-load PHP with globals again set to on.
Now for the question: I would like to know whether the coding for the
variables that I'm using now will work with $_SESSION and $_POST.
For some reason, the only way to pick up the variables from a posted page is
to use at the beginning of the page (after the initial <?php session_start();
ob_start(); ?>)
$sfname = $_POST['sfname'];
Now, in all the checking code that follows (to check for empty strings, html
code, javascript commands, and bad words) I've reverted to:
//snippet of code (<h5> is formatting for CSS stylesheet)
if ($sfname == "") die ("<h5>blah, blah blah....</h5>");
This works with globals=on, and while I had it working (without a functional
database connection) with $_POST and but not with $_SESSION (??).
My question: will this work in "real-time" once I get connected again to the
db? It's so frustrating having changed all the code to find that I really
didn't have to. Btw: can anyone explain why "register_globals=on" is such a
"bad thing"? I've read the security info, and they never really explained it.
Sorry for the long post. I would greatly appreciate any assistance on this.
Tia,
Andre
--
Please pray the Holy Rosary to end the holocaust of abortion.
Remember in your prayers the Holy Souls in Purgatory.
May God bless you abundantly in His love!
For a free Cenacle Scriptural Rosary Booklet: http://www.webhart.net/csrb/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
