echo $var 4

[Kicket]

this is really wierd. on my first page i have a textfield, and a submit button. the form method="get" action="nextpage.php", so after i submit, it will load me to nextpage. with a url like

http://localhost/public/nextpage.php?cbox=something&readinf=0

, in my nextpage.php, i have echo $cbox; ,but somehow it won't display it. i wonder why. i m running a phpdev


ff

 

[4x4uk]

Have you tried
echo "$_GET[cbox]";
latest verions of php have Global varialbs set to off for security reasons.

regards
Ian

Infinity exists! - I just haven't worked out a way to get there yet.

http://www.ne4x4.org.uk/

|

http://www.ne4x4.org.uk/Ian/

|

http://www.ne4x4.fsnet.co.uk/beck/

 

[KarveR]

echo $_GET[cbox];

______________________________________________________________________
There's no present like the time, they say. - Henry's Cat.

 

[Kicket]

thanks all. it worked after i tried echo "$_GET[]";
my code was written a year ago.

there's another question, i used to have session_register( var ) in my page, then i can simply call var using echo $var; in my next page. but now i can't. is this have something to do with the update?

or how to set the global variable to on?


ff

 

[Kicket]

$_SESSION[]




ff

 

[DRJ478]

Kicket,

When you inspect the PHP installation you will probably see that register_globals is set to OFF. This is the default setting now and is recommended for security reasons.

The superglobal arrays are:
$_GET, $_POST, $_SESSION, $_COOKIE and $_REQUEST.

All you need is to start the session

 session_start()

and then assign the variables. To write code that is independent from the register_globals setting it is recommended to assign the variables directly into the session array:

$_SESSION[myvar] = "somevalue"';

The session_register function will not work in an environment where register_globals is disabled.

DRJ

 

[Kicket]

how do u change the register_globals settings?



ff

 

[DRJ478]

That is in the php.ini

However, there are valid safety considerations that prompted the change to OFF as the default.

When register_globals is ON, anyone can pass variables into the script. Let's say there is a variable $foo that is never initialized and someone passes a GET parameter in the URL by that name then the user successfully introduced an arbitrary value into the script.

I would advise to write or alter the code so that it will run on PHP >= 4.1.2 regardless of the setting register_globals

 

[Kicket]

thanks everyone. i altered my code instead of change the setting. so it will run regardless of the sttings.



ff

 

[xor]

Also speaking of security... since you are using a form anyway, why not use method="POST" instead of "GET"? It's more essential if you want to have the user passing sensitive data, if it appears in the URL someone else could get access to the data from the browser's history, or from shoulder surfing. Makes for shorter, tidier URLs as well.

Then instead of $_GET['cbox'] just use $_POST['cbox'] instead.



The New Zealand Site

http://www.thenewzealandsite.com

 

[SPYDERIX]

DRJ478,

I didn't even think of that consideration for register_globals being on. I am going to turn them off right now. Thanks!

Keep up to date with my 2003 NHL Playoffs Wallpaper

http://www.spyderix-designz.com/nhl/nhl_playoffs.jpg

 

[Kicket]

oh thanks xor, i actually did use post and $_post, hehe, but i tend to use $_get when i test my script, so i know what's going on. thanks anyway.


ff