Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Passing variables between pages....

Status
Not open for further replies.
caffrinho

caffrinho

MIS
Mar 1, 2002
91
GB
OK, i'm getting desperate...

Last month my ISP had a security issue, whereby all their customers had their websites 'altered'. (Basically added a line to the body section of your code to load a dodgy website.)

I received an email from the ISP saying that the security issue has been patched and that this won't happen again. Although some scripts would no longer work.

And this is my problem. My once, beautifully, working website has been turned into one that doesn't work.

I believe the crux of the problem is that i can no longer pass two variables through the URL. So any pages that i had that used ?var1=some&var2=stuff no longer work.

I guess what i'm asking is for an alternative method that WILL work, and return my website back to normal!

Here's to hoping...

 
Sort by date Sort by votes
1. What was the security issue? If you are using PHP it may be that they upgraded it or disabled register_globals. This would stop you accessing passed variables directly. Instead you need to access them through a superglobal such as $_GET. It's fairly easy to fix if that is the case.
More info can be found here:

2. Find a different host. Seriously. For them to have a hole so large that all their hosted sites could be "altered" is pretty poor.

 
Upvote 0 Downvote

How about you post the code on your page that's no longer working? Or better still, a URL to one of the affected pages.

Dan
 
Upvote 0 Downvote
The thought had crossed my mind.
The only reason i haven't already is that the hosting is free, unlimited b/w & storage, no restrictions on files that can be hosted, and it only costs me £GBP 3/month for a mySQL database. FYI the host is freeola.

Any suggestions/recommendations for a good host with a cheap DB...?

 
Upvote 0 Downvote
my site is
seriously though, bear in mind the recent trouble they've had, and make sure you have a/v s/w updated, just in case!!!

I appreciate the feedback, thx!

incidentally, which config file is register_globals set. I also host the site on my PC for testing purposes, and i'm pretty sure it's switched off in that. Oh, and i don't think i mentioned that passing ONE variable seems to work ok!!!!
 
Upvote 0 Downvote
if you go to my site( in the drop down menu 'Teams', you'll notice that i pass one variable to the next page, teamid. But in the league table, i am trying to pass two variables, tn and posn.

the 1 variable works the 2 don't!

(if you're using firefox, you won't see the dropdown menus, another issue i'm trying to solve!!)

Another point, since it has been mentioned. I don't use $_GET, i may try that just for peace of mind!
 
Upvote 0 Downvote

Given that we cannot get to teams.php without being redirected, how about posting the source to help us help you?

Dan
 
Upvote 0 Downvote
D'oh. i couldn't see the problem for looking!!! The reason it's redirecting us back to main.php is cos i'm telling it to! (See teams.php extract below)

Reading foamcow's post again, i'm fairly confident of it being the register_globals issue.

Code: 
<?php header("cache-control:no-cache");

$tn = addslashes($tn);

if(!isset($tn)||$tn==""){
           header("location:main.php");
          }
$pagename = "Team Sheet";

?>

My only concern is that other pages where i pass a single variable, in exactly the same way, still work!!!

For example, the following is playdisp.php, the file called by clicking a team in the team drop down menu.
playdisp.php?teamid=2. This WORKS! (i.e. it doesn't default to ID=1 because it recognises the teamid variable

I'm confused!!!

Code: 
<?php

if(!isset($teamid)){
     $teamid=1;
} //if team not selected default to ID1

if ($teamid!=null){

//=========Show teams===========

 include("resources/variables.php");
 $conn = mysql_connect($host, $usrname, $pass) or die (mysql_error()); 
 mysql_select_db($dbselect,$conn)  or die(mysql_error());
 
Upvote 0 Downvote

Well - this now becomes a PHP issue, so you might want to ask they guys in the PHP forum... The only thing (as a non-PHP coder) I can think of is that your "addslashes" function is doing something dodgy.

Hope this helps,
Dan
 
Upvote 0 Downvote
Thanks for your time, i'll implement the $_GET thing in the mean time. Hopefully i can get this sorted.

And if anybody can recommend an ISP as detailed above, i'd be grateful!
 
Upvote 0 Downvote
caffrinho said:
The thought had crossed my mind.
The only reason i haven't already is that the hosting is free, unlimited b/w & storage, no restrictions on files that can be hosted, and it only costs me £GBP 3/month for a mySQL database. FYI the host is freeola.
Click to expand...

The unlimited part is something that should ring alarm bells on it's own. If you start to use a fair amount of space or transfer, they would cut your account.

Think about it logically, have you ever seen or heard of a drive with unlimited space?

If these offers were actually guenuine, why do Google pay so much for their network? Why not use Freeola? [wink]


Hope this helps

Wullie


The pessimist complains about the wind. The optimist expects it to change. The leader adjusts the sails. - John Maxwell
 
Upvote 0 Downvote
Good point, well made.

I doubt i use much b/w or storage, since i only host a text based site.
But not knowing how much b/w i was likely to consume (site's only been up for 3-4 months), i thought that no limits would be a good start, particularly if it's free. If that makes sense!!


Anyway, this security problem, along with other issues (like having to use a freeola account - either dialup or broadband - to be able to upload my pages. I'm on Cable) is making me look at alternatives.
I like the sound of FreshLook, was in the process of signing up but am having difficulty with the payment part - *sigh*
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

jjack46
  • Locked
  • Question
Passing an array of checkbox flags to another page
Replies
7
Views
233
spamjim
spamjim
Evil8
  • Locked
  • Question
Defining/Labling CSS for multiple pages 1
Replies
5
Views
114
Evil8
Evil8
rrmcguire
  • Locked
  • Question
spacing between CSS elements
Replies
2
Views
113
johnwm
johnwm
waydown
  • Locked
  • Question
Controlling gap between h4 and p without using negative margin
Replies
5
Views
154
FrankknarF
FrankknarF
rrmcguire
  • Locked
  • Question
adding spry menu to multiple pages
Replies
14
Views
170
Vragabond
Vragabond

Part and Inventory Search

Sponsor

Back
Top