make sure Register Globals = Off.
Register globals does just that, creates global variables from any data posted to from a form.
As you've noticed it's not the most secure thing, to have these variables accessible to all your
scripts.
Cheers, ~Steve
Sebastian Baran wrote:
Hello,
Has anybody experienced such problem? Let's have script "a.php" with form
<form name="myform" action="a.php" method="POST"> <input name="field" ...> .... </form>
Script "a.php" receives POST data and process them, then executes redirect:
header("Location: b.php");
And then on most configurations (like Apache+PHP, no matter on windows or unix) script "b.php" has no idea about data from form "myform". But I've found that "my" server, wich is IIS, sends somehow POST data to "b.php"!!! More, if we "b.php"="a.php" we have a loop! Cause "a.php" checks if there is something in POST and then redirects to itself.
*********** a.php BEGIN ********* <?php if ($_POST["field"]) { (do something) ... header("Location: a.php"); } ?> <form action="a.php" method="POST"> <input name="field" ...> .... </form>
************ END ****************
How to get lost of POST data? Is it a bug in IIS, php or something else?
Thanks in advance!
my configuration:
PHP Version 4.3.2
System Windows NT WEB 5.0 build 2195 Server API CGI/FastCGI
SERVER_SOFTWARE Microsoft-IIS/5.0
-- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
