Re: converting scripts for register_globals=Off

[Mikael Grön <emgee@xxxxxxxxxxx>]

Since I have a thing for using one file for all things in i.e. an admin 
script, I use POST and GET variables at the same time. Getting them 
mixed up is extremely hazardous.. I do stuff like:
	<a href="admin.php?action=delete&id=2">Delete post</a>
which leads to the section of the admin script;
	<?php
	if ($_GET['action'] == "delete" && $_GET['id']) {
		// lots of PHP doing lots of stuff
	} else {
		// the link
	}
	?>
Now, if there's a POST variable named ID containing an INT matching the 
database, and I use $_REQUEST instead of $_GET, I'm in trouble!

Mike


On Apr 29, 2004, at 11:00, Ignatius Reilly wrote:

> even better:
> $_REQUEST['variable_name']
>
> so that you don't have to bother checking both depending on whether 
> your
> form was GETted or POSTed.
>
> _________________________
> ----- Original Message -----
> From: "Mikael Grön" <emgee@xxxxxxxxxxx>
> To: "Kim Jacobs (Crooks) - Mweb" <KJacobs@xxxxxxxx>; 
> <php-db@xxxxxxxxxxxxx>
> Sent: Thursday, April 29, 2004 11:54 AM
> Subject: Re:  converting scripts for register_globals=Off
>
>
> What register_globals does (Please correct me if I'm wrong) is convert
> i.e. $_POST['variable_name'], $_GET['variable_name'] and so on to
> $variable_name. which isn't very good from my point of view.
>
> I suggest you make sure you use $_GET['your_variable'] when ever you're
> fetching a GET variable, $_POST['var'] for all post variables and so
> on, instead of what you're doing now.
> This works just fine with register_globals = On as well, so I always
> use it... to be safe..
>
> Mike
>
>
> On Apr 29, 2004, at 10:40, Kim Jacobs (Crooks) - Mweb wrote:
>
> > if any of you could help me out, I would greatly appreciate it... I am
> > an absolute beginner to php (2 weeks now) and dont know what I dont
> > know...
> >
> > I have written some scripts to access my online SQL db and I've tested
> > the scripts on my machine with PHP 4.3.6 and register_globals = On
> > Now where I host my site, uses PHP 4.3.5 and has register_globals =
> > Off which means of course, that my scripts arent working, but I dont
> > know why....
> >
> > My question is, how do I convert my scripts so that they will work
> > please? I know that $id and $submit are two of the 'inputs' that it
> > doesnt like, but I dont know the rest
> >
> > Tx
> > K
> >
> >
> > MWEB: S.A.'s most trusted and reliable Internet Service Provider. Just
> > Like That.
> >
> > To join, go to: http://join.mweb.co.za or call 0860032000.
> >
> > --
> > PHP Database Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
>
> --
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php