On Wed, March 14, 2007 9:14 pm, Jeff wrote: > I've read and the wrote back and told me that they use suPHP to parse > php > files and I have the option of using custom php.ini files. That I > could > create a .htaccess file or put individual php.ini files in the folder > that > contains the files im running. In other words do it myself. You *could* create a file named .htaccess and put this in it: php_value register_globals on and your scripts will work as-is. It would be INFINITELY BETTER to fix up the scripts so that instead of using just $charid in the query, you would do like this at the tip-top: $charid = mysql_real_escape_string($_GET['charid']); This will take care of the register globals and it will keep you safe from SQL-injection attack. At the moment, if you turn on register_globals, it will work, but it's very very very un-safe without the MySQL escaping anyway, so you might as well fix both at once. -- Some people have a "gift" link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
