On 11 Mar 2004 Teren wrote: > If you have register_globals on in your php.ini file, you don't need to do > that. You just automatically have access to all of those variables like > $username and $password etc. Whatever the name is on the field is what the > string will be called and the action script can access those immediately by > $+the_field_name.
Yes but register_globals carries substantial security risks since a hacker can then set any script variable they wish merely by POSTing it back in response to your form. For details see http://www.php.net/manual/en/security.registerglobals.php. -- Tom -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
