HI! I'm a graphic designer and right now approaching to server side programming. I found this code in a blog board flash+php+mysql, but this code was written in a old php version, in which register_globals value was "ON". How can rewrite this code with register_globals value "off"? tnks, sorry for my very bad englihs!!! [img src=\"style_emoticons/[#EMO_DIR#]/wink.gif\" style=\"vertical-align:middle\" emoid=\":wink:\" border=\"0\" alt=\"wink.gif\" /] // *** validate database <?php require_once('../connectiona/datisql.php'); ?> <?php // *** Start the session session_start(); // *** Validate request to log in to this site. $FF_LoginAction = $HTTP_SERVER_VARS['PHP_SELF']; if (isset($HTTP_SERVER_VARS['QUERY_STRING']) && $HTTP_SERVER_VARS['QUERY_STRING']!="") $FF_LoginAction .= "?".$HTTP_SERVER_VARS['QUERY_STRING']; if (isset($HTTP_POST_VARS['email'])) { $FF_valUsername=$HTTP_POST_VARS['email']; $FF_valPassword=$HTTP_POST_VARS['password']; $FF_fldUserAuthorization="nivelAcceso"; $FF_redirectLoginSuccess="inicio/index.php"; $FF_redirectLoginFailed="sin_acceso.php"; $FF_rsUser_Source="SELECT email, Password "; if ($FF_fldUserAuthorization != "") $FF_rsUser_Source .= "," . $FF_fldUserAuthorization; $FF_rsUser_Source .= " FROM usuarios WHERE email='" . $FF_valUsername . "' AND Password='" . $FF_valPassword . "'"; mysql_select_db($database_connFlashblog, $connFlashblog); $FF_rsUser=mysql_query($FF_rsUser_Source, $connFlashblog) or die(mysql_error()); $row_FF_rsUser = mysql_fetch_assoc($FF_rsUser); if(mysql_num_rows($FF_rsUser) > 0) { // username and password match - this is a valid user $MM_Username=$FF_valUsername; session_register("MM_Username"); if ($FF_fldUserAuthorization != "") { $MM_UserAuthorization=$row_FF_rsUser[$FF_fldUserAuthorization]; } else { $MM_UserAuthorization=""; } session_register("MM_UserAuthorization"); if (isset($accessdenied) && false) { $FF_redirectLoginSuccess = $accessdenied; } mysql_free_result($FF_rsUser); session_register("FF_login_failed"); $FF_login_failed = false; header ("Location: $FF_redirectLoginSuccess"); exit; } mysql_free_result($FF_rsUser); session_register("FF_login_failed"); $FF_login_failed = true; header ("Location: $FF_redirectLoginFailed"); exit;