| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 54711 | 2005-02-20 03:31:00 | PHP help needed | Midavalo (7253) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 326740 | 2005-02-20 03:31:00 | I've been following some instructions on using PHP, but I've hit a snag. I've got PHP running locally, but the instructions don't work right on my PC. If I upload the same files to my webhost the PHP instructions work as intended (so I know my files are correct). So I'm guessing there's something not set right in my php.ini or some other config file somewhere - the problem is, what needs to be changed? I have 2 files. One is an html file, the other is a php file opened by a link in the html file. Html file: <HTML> <HEAD> <TITLE>Test</TITLE> </HEAD> <BODY> <A HREF="welcome.php?name=Midavalo">Hi, I'm Midavalo!</A> </BODY> </HTML> PHP file: <HTML> <HEAD> <TITLE>Hmmm...</TITLE> </HEAD> <BODY> <?php echo( "Welcome to our Web site, $name!" );?> </BODY> </HTML> The welcome.php file is supposed to see the "?name=Midavalo" from the link in the html file, and put it into the output "Welcome to our Web site, Midavalo!", but all I get is "Welcome to our Web site, !" - my name is missing. When I upload those files onto my webhost, I get the line correctly - "Welcome to our Web site, Midavalo!". What might need to be fixed? Midavalo. |
Midavalo (7253) | ||
| 326741 | 2005-02-20 04:08:00 | It seems I can pass variables from within the PHP file, just not from the URL. M. |
Midavalo (7253) | ||
| 326742 | 2005-02-20 05:05:00 | Hey Midavalo, The problem here would be global registers, which is now disabled by default for security reasons. Try: <html> <head> <title>Hmmm...</title> </head> <body> <?php echo 'Welcome to our Web site, ' . $_GET['name'] . '!'; ?> </body> </html> |
Kame (312) | ||
| 326743 | 2005-02-20 05:27:00 | Hey Midavalo, The problem here would be global registers, which is now disabled by default for security reasons.Thanks Kame, is there a way to change this? What are global registers, and why are they disabled? Thanks again, M. |
Midavalo (7253) | ||
| 326744 | 2005-02-20 05:30:00 | <?php echo 'Welcome to our Web site, ' . $_GET['name'] . '!'; ?> That worked, thanks Kame . Is it something locked down in Windows XP, or something in PHP? M . |
Midavalo (7253) | ||
| 326745 | 2005-02-20 05:39:00 | That worked, thanks Kame. Is it something locked down in Windows XP, or something in PHP? M. Ah nevermind :) I found it in PHP.ini, with an explanation. I'll have to make sure I follow the guide along with these new rules to follow - gotta keep it secure :D Thanks, M. |
Midavalo (7253) | ||
| 326746 | 2005-02-20 05:43:00 | You should find the settings in your php.ini file register_globals if I remember The problem with register globals on is that users of your web pages can attempt to "poison" your variables e.g append a GET request on to a web page like so: test_php.php?some_internaL_variable=tampered_value If you just initialise all yuor variables then you are probably okay. However, the best use $_GET, $_POST etc is that you can see variables are coming in from user input and so take action make sure they don't contain any nasty input (such as DROP database, etc) See the security section in the PHP manual.. |
gibler (49) | ||
| 1 | |||||