I've always had a problem with books on PHP, because the language changes and evolves more quickly than books can be written, printed, and distributed.
If register_globals is set to off, cookie variables, query string variables, form (post) variables, and session variables are not automatically turned into PHP variables, IE; if register globals is on. <form action="http://www/index.php"; method="POST"> <input type="hidden" name="id" value="1"> in index.php, you don't need to specify where $id is being created, because it gets created for you. Howver, other people can override your variables with values of their own http://www/index.php?id=453 its better to specifically write, where your variable is coming from: $id = $_POST['id']; then someone acessing the url with id=435 appended to it will have no affect. > And is $_POST[] short for $HTTP_POST_VARS[] or is it something else? $_POST was introduced in PHP 4.1, prior to that you used $HTTP_POST_VARS; Most people say "Just use $HTTP_POST_VARS, and your code will work anywhere", however, if you read the PHP manual, the developers say "$HTTP_POST_VARS is deprecated", which means "Its going to be removed in the future" Now you start to see why Books on PHP, that teach specific PHP syntax, get out-dated quite quickly. You still need to use session_register() (to register a session variable), but you should access (registered) session variables through $_SESSION[] -----Original Message----- From: Bobo Wieland [mailto:[EMAIL PROTECTED]] Sent: Monday, 13 January 2003 2:00 AM To: Sean Malloy; [EMAIL PROTECTED] Subject: initialize variables (was: Using the GET Method) Please, explain this to me, because I couldn't figure it out by myself... If register_globals is set to 'off', and because it's good practice, you should allways initzialize your variables? So I should write: $test = $_POST['test']; and then I can use $test as usuall... But what about local variables then? Variables that shouldn't be past from one page to another? And is $_POST[] short for $HTTP_POST_VARS[] or is it something else? And should you use $_SESSION[] and not session_register()?!? Sorry for these simple questions, but I would like to do things right... My knowledge comes basicly just from 'Beginning PHP4 (WROX)' and it seems that the book doesn't dig so deep into this matter... Thanks! .bobo :: www.elstudion.com/bobo ----- Original Message ----- From: "Sean Malloy" <[EMAIL PROTECTED]> To: "Wade" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Sunday, January 12, 2003 9:59 AM Subject: RE: [PHP-WIN] Using the GET Method > IMO, writing programs that work without register_globals to be enabled, is a > good thing. > > Throughout the book, the code examples will have been created with > register_globals on. (The default setting for older PHP > installations/versions) > > just keep in mind that variables are not auto created for you, so you must > initialize them first. > > $author = $_GET['author']; > > if you change the form method to POST, then you will have to modify the code > to reflect that too. > > Anyways, explicitly initialising your variables is a good habit to get into. > Its more secure. > > -----Original Message----- > From: Dash McElroy [mailto:[EMAIL PROTECTED]] > Sent: Sunday, 12 January 2003 3:49 PM > To: Wade > Cc: [EMAIL PROTECTED] > Subject: Re: [PHP-WIN] Using the GET Method > > > Ah, You're the latest of the ones to get hit by the register_globals > setting. There are two things to do: > > 1. Change your code to reference the METHOD referenced in the form page > GET -> $_GET['varname'] > POST -> $_POST['varname'] > COOKIE -> $_COOKIE['varname'] > SESSION -> $_SESSION['varname'] > GPC (Get Post Cookie, in that order) -> $_REQUEST['varname'] > > See php.net/register_globals for this. > > 2. Change your php.ini settings from: > register_globals = off > to > register_globals = on > > then restart your server. > > Now, I just have to ask myself why I don't have a canned message for > this... > > -Dash > > Know thyself. If you need help, call the C.I.A. > > On Sat, 11 Jan 2003, Wade wrote: > > > 01112003 2132 CST > > > > Im working on learning PHP4 by reading Beginning PHP 4, Wrox Press. > > Chapter 3, page 76. > > Im working with a form field sending data via the GET method. > > On the first page, you fill in a text field and hit send. > > That data is sent via the URL. > > I can see it in the URL, on the next page. > > The page will not show the data in the variable spot. > > > > The Code: > > > > Page One > > <html><head><title></title></head> > > <body> > > <form method=get action="text.php> > > Who is your favorite author? > > <input name="author" type="text"> > > <br> > > <input type=submit> > > </form> > > </body></html> > > > > Page Two - text.php > > <html><head><title></title></head> > > <body> > > Your favorite author is: > > <?php > > echo $author; > > ?> > > </body></html> > > > > Now, I know PHP is case sensitive and I have been sure to check the > > $variable in the code. I have worked through some other pages in this > > book and I downloaded the documentation from the wrox website. Their > > code is exactly as the book and my own. > > > > Im stumbed. Anybody read this book? Can anybody see something wrong? > > > > Wade > > > > > > -- > > PHP Windows Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > > > -- > PHP Windows Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > > -- > PHP Windows Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
