Re: register_globals and passing variables


Firstly, welcome to PHP. :-)

Secondly, that's not how you would enable register_globals if they're not 
enabled.

Thirdly, you do not want to turn on register_globals.  register globals are a 
security risk.  They're disabled by default on any recent (within the past 5 
years) version of PHP, although some web hosts foolishly turn them on to be 
compatible with code written 8 years ago that shouldn't be used anymore. :-)

Instead, access the proper super-global to get the data you want.  For 
instance:

$_GET['charid']

Will have the value of the charid GET parameter passed on the URL like so:

http://example.com/index.php?charid=5

There's also $_POST['charid'], which would check just a "POST" request.  Use 
those instead of just $charid.

Also, you'll want to ensure that they're the data type you expect to avoid SQL 
injection, a security risk.  For instance, assuming you know the character ID 
will be an integer:

$charid = (int)$_GET['charid'];

Or even better:

$charid = isset($_GET['charid']) ?  (int)$_GET['charid'] : 0;

That's the "ternary operator", which is useful for setting defaults in cases 
where, for instance, no charid was passed at all.  That way you get back a 0, 
so you know you have a value and that it's an integer.

Thank you for taking PHP Security 101 in a Nutshell. :-)  Cheers.

On Tuesday 13 March 2007 10:01 pm, Jeff wrote:
> Ok, all I am new to PHP & MySQL. (please don't let this scare you off)
>
> I had my site hosted with Gisol.com and due to their very poor service and
> tech support I left them for Lunarpages.com who so far have a better
> service and their tech support is excellent!! But my pages won't pass
> variables any more.
>
> When I started I purchased two books MySQL and PHP & MySQL both published
> by O'Reilly. So far they are excellent help and instructors. I wrote some
> pages where I track users and their characters from an on-line game called
> World of Warcraft.
>
> On the Gisol server they were working EXCELLENT!!
>
> Once I moved to Lunarpages, the pages load ok but they don't pass the
> variables from one page to another.
>
> The below code queries the db and lists the users in a table, and has a
> hyperlink to the right of each, on Gisol I could click the link and it
> would load the view_char.php page and it listed their character and the
> info I needed, and gave options to delete and edit. Again it was working
> beautifully.
>
>
> VIEW USERS PAGE CODE:
> $sql="SELECT f_name, l_name, char_id, char_name, char_level FROM t_char,
> t_users where t_users.user_id = t_char.user_link ORDER BY char_name ASC";
> mysql_select_db($db_select,$db);
> $result = mysql_query($sql,$db);
> echo "<TABLE border=2>";
> echo"<TR><TD><B>Character Name</B><TD><B>Character Level</B><TD><B>Owner</B></TR>";
> while ($myrow = mysql_fetch_array($result))
> {
> echo "<TR><TD>".$myrow["char_name"]."<TD>".$myrow["char_level"]."<TD>".$myrow["f_name"]." ".$myrow["l_name"];
> echo "<TD><A href=\"view_char.php?charid=".$myrow["char_id"]."\">View</A>";
> }
> //$charid="[.$myrow["char_id"].]"; <----- I tried this line with no
> success. Possibly have it in the wrong place??
> echo"</TABLE>";
>
> VIEW_CHAR PAGE CODE
> $sql = "SELECT * FROM `t_char` WHERE `t_char`.`char_id` = '$charid'"; <--
> now all this does is produce a blank page... used to work great!
> //$sql = "SELECT * FROM `t_char` WHERE `t_char`.`char_id` = '21'"; <----- i
> used this code to test the page w/o the $charid string and it works FINE!!
> $result=mysql_query( $sql );
> if (!$result)
> {
> die("Could not query the database: <br />".mysql_error());
> }
>
> I wrote a help ticket to Lunarpages where I am now hosted and asked them to
> set the register_globals to ON thinking this was the problem based on what
> I've read and they wrote back and told me that they use suPHP to parse php
> files and I have the option of using custom php.ini files. That I could
> create a .htaccess file or put individual php.ini files in the folder that
> contains the files I'm running. In other words do it myself.
>
>
> So I created this file:
>
> 
>
> register_globals = on
>
> named it php.ini and dropped it in the folder with all of my files.
>
> It didn't help any.
>
> So I added this line to the first file
> include ('php.ini');
>
> all it does is add : register_globals = on  as text at the top of my
> page now.
>
> At this point I'm lost!! I don't know what to do to get my A
> href=\"view_char.php?charid=".$myrow["char_id"]." to equal $charid in the
> following pages.
>
> Any help you could provide me would GREATLY be APPRECIATED!!!
>
> Signed,
> I'm trying

-- 
Larry Garfield			AIM: LOLG42
larry@xxxxxxxxxxxxxxxx		ICQ: 6817012

"If nature has made any one thing less susceptible than all others of 
exclusive property, it is the action of the thinking power called an idea, 
which an individual may exclusively possess as long as he keeps it to 
himself; but the moment it is divulged, it forces itself into the possession 
of every one, and the receiver cannot dispossess himself of it."  -- Thomas 
Jefferson

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

