
Arrrgh nightmare!!

 

After my hosting provider kindly turned on register globals for one page of my site, they have suddenly pulled this out from under me with no warning! The reason I asked for register globals on in the first place was because I had to import a page that was coded by a client's previous web designer, and this page used register globals. I think the coding for the page is quite out of my league, I've had a look through it and can understand MOST of it. HOWEVER I'm in a real crisis because this site is quite heavily used and straight away I had the client email me saying their users are complaining that this page is broken!

 

Basically it's a Member list, the variables that aren't working are sent from the page back to the page itself (obviously it reloads the page)

These include a search box, a NEXT and PREVIOUS button and some buttons changing the way the list is ordered.

 

If anyone could help me I'd be so grateful, either can someone tell me how to get Register Globals running on this page myself, or could someone look over the code and see which ones need to be changed? I'm guessing just using the $_GET and $_POST codes in the right variables will sort it???

 

Anyway, the code is to follow:::

 

 

https://forums.phpfreaks.com/topic/111701-register-globals-suddenly-turned-offf/

<?
include_once "db_mysql.inc";
$s = new DB_Sql;
$limit_records = 50;
$q = new DB_Sql;
// Get users group contacts list
// Set the sql order
switch($order) {
case "name_up":
	$cont_order = 'Surname';
	break;
case "name_dn":
	$cont_order = 'Surname DESC';
	break;
case "town_up":
	$cont_order = 'Town,Surname';
	break;
case "town_dn":
	$cont_order = 'Town DESC,Surname';
	break;	
case "county_up":
	$cont_order = 'County,Surname';
	break;
case "county_dn":
	$cont_order = 'County DESC,Surname';
	break;
default:
	$cont_order = 'Surname';
	break;
}

// Set the crtieria
if ($search_string && $search_string != "") {
switch($search_type) {
	case "Surname":
	$where = ' WHERE Surname LIKE "'.$search_string.'%" ';
	break;

	case "Town":
	$where = ' WHERE Town LIKE "'.$search_string.'%" ';
	break;

	case "County":
	$where = ' WHERE County LIKE "'.$search_string.'%" ';
	break;
	}
}			

// Get total records for query
$sql = "SELECT COUNT(Name) AS count FROM diarylst $where";
$q->query($sql);
$q->next_record();
$count = $q->f('count');

if(!$offset) $offset = 0;  // start point for LIMIT statement
// Get the required records
$sql = "SELECT * FROM diarylst
	$where
	ORDER BY $cont_order
	LIMIT $offset, $limit_records
	";
/*
$sql = "SELECT CONCAT(cont_firstname,' ',cont_lastname) AS cont_name, contacts.*,comp_name,comp_tel1,comp_fax FROM contacts,company
	WHERE (comp_id = cont_comp_id)
	AND cont_personal = '0'
	ORDER BY $cont_order
	LIMIT $offset, $limit_records"; 
*/
$q->query($sql);

// record limit controls
$records_to = (($offset + $limit_records) > $count)? $count : ($offset + $limit_records);
$message = "[Records ".($offset + 1)." to ".$records_to." of ".$count."]";
$next = ($count > $offset + $limit_records)? ($offset + $limit_records) : 0;
$previous = $offset - $limit_records ;
$rem = ($count%$limit_records == 0)?  $limit_records : $count%$limit_records; // Records on last page
$last = $count - $rem;

if($previous >= 0) {
$first_set = '<a href="'.$PHP_SELF.'?offset=0&order='.$order.'&search_string='.$search_string.'&search_type='.$search_type.'"><img src="./common/point_start_dk.gif" width="20" height="15" alt="First page" border="0"></a>';
}else{
$first_set = '<img src="./common/point_start_lt.gif" width="20" height="15" alt="No previous records" border="0">';
}
if($next) {
$next_set = '<a href="'.$PHP_SELF.'?offset='.$next.'&order='.$order.'&search_string='.$search_string.'&search_type='.$search_type.'"><img src="./common/point_right_dk.gif" width="20" height="15" alt="Next page" border="0"></a>';
}else{
$next_set = '<img src="./common/point_right_lt.gif" width="20" height="15" alt="No more contacts" border="0">';
}
if($previous >= 0) {
$previous_set = '<a href="'.$PHP_SELF.'?offset='.$previous.'&order='.$order.'&search_string='.$search_string.'&search_type='.$search_type.'"><img src="./common/point_left_dk.gif" width="20" height="15" alt="Previous page" border="0"></a>';
}else{
$previous_set = '<img src="./common/point_left_lt.gif" width="20" height="15" alt="No previous records" border="0">';
}
if($next) {
$last_set = '<a href="'.$PHP_SELF.'?offset='.$last.'&order='.$order.'&search_string='.$search_string.'&search_type='.$search_type.'"><img src="./common/point_end_dk.gif" width="20" height="15" alt="Final page" border="0"></a>';
}else{
$last_set = '<img src="./common/point_end_lt.gif" width="20" height="15" alt="No more contacts" border="0">';
}
?>
<html>
<head>
<title>ALCD: Existing Members List</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="alcd.css" rel="stylesheet" type="text/css">
<script language="JavaScript" type="text/JavaScript">
<!--

var winOpened = null;
function openCustomWindow(goto) {  	
  winOpened = window.open(goto,'winDetails','toolbar=no,status=yes,menubar=no,width=350,height=400');
}
function winLink(goto) {	
if (winOpened && winOpened.open && !winOpened.closed) {
	locArray = winOpened.location.href.split("/");
	if(locArray[locArray.length - 1] != goto){			
		winOpened.location.href=goto;
		}
		winOpened.focus();
}else{
	openCustomWindow(goto);
}
}
//-->
</script>
</head>

<body bgcolor="#FFFFFF" text="#000000" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> 
<table width="759" border="0" cellspacing="0" cellpadding="0" class="stdText">
  <tr> 
    <td align="left" valign="middle" bgcolor="#FFFFFF"> </td>
    <td colspan="6" align="left" valign="top" bgcolor="#FFFFFF"><br>
    A = Associate<br>
F = Fellow<br>
FCL = Fellow Costs Lawyer<br><br>
    
      <form name="form1" method="post" action="<? print $PHP_SELF ?>">
        Search <font size="1">(all or part of name)</font>    
        <input name="search_string" type="text" id="search_string" size="20">
          
        <input name="search_type" type="radio" value="Surname" checked>
        Surname 
        <input type="radio" name="search_type" value="Town">
        Town 
        <input type="radio" name="search_type" value="County">
        County  
        <input type="submit" name="Submit" value="Submit">
      </form>
  </td>
  </tr>
  <tr> 
    <td align="left" valign="middle" bgcolor="#FFFFFF">  </td>
    <td align="left" valign="middle" bgcolor="#FFFFFF"><? print "$first_set$previous_set$next_set$last_set" ?></td>
    <td align="left" valign="middle" bgcolor="#FFFFFF"> </td>
    <td bgcolor="#FFFFFF" colspan="4"><font size="1"><? print $message ?></font></td>
  </tr>
  <tr> 
    <td> </td>
    <td><br><Br><a href="<? print $PHP_SELF ?>?order=name_up"><img src="./common/point_up.gif" width="20" height="15" border="0" alt="Order by Name Ascending"></a><a href="<? print $PHP_SELF ?>?order=name_dn"><img src="./common/point_dn.gif" width="20" height="15" border="0" alt="Order by Name Descending"></a><strong>Name</strong></td>
    <td><Br><br><a href="<? print $PHP_SELF ?>?order=town_up"><img src="./common/point_up.gif" width="20" height="15" border="0" alt="Order by Town Ascending"></a><a href="<? print $PHP_SELF ?>?order=town_dn"><img src="./common/point_dn.gif" width="20" height="15" border="0" alt="Order by Town Descending"></a><strong>Town</strong></td>
    <td><Br><br><a href="<? print $PHP_SELF ?>?order=county_up"><img src="./common/point_up.gif" width="20" height="15" border="0" alt="Order by County Ascending"></a><a href="<? print $PHP_SELF ?>?order=county_dn"><img src="./common/point_dn.gif" width="20" height="15" border="0" alt="Order by County Descending"></a><strong>County</strong></td>
    <td align="center" valign="top"><strong><Br><br>Status</strong></td>
    <td align="center" valign="top"><strong><br><Br>Details</strong></td>
    <td width="9" align="center" valign="top"> </td>
  </tr>
  <?
while ($q->next_record()) {
?>
  <tr> 
    <td align="left" valign="top" class="a2<? echo $class_done ?>"> </td>
    <td align="left" valign="top" class="a2<? echo $class_done ?>"> 
      <? $q->p("Name") ?>
    </td>
    <td align="left" valign="top" class="a2<? echo $class_done ?>"> 
      <? $q->p("Town") ?>
    </td>
    <td align="left" valign="top"> 
      <? $q->p("County") ?>
    </td>
    <td align = "center" valign="top"> 
      <? $q->p("Status") ?>
    </td>
    <td align = "center" valign="top"><a href="javascript:winLink('popup_details.php?id=<? print urlencode($q->f('Name')) ?>')"><img src="./common/pencil.gif" width="20" height="15" alt="<? print $details ?>" border="0"></a></td>
    <td align = "center" valign="top"> </td>
  </tr>
  <? } ?>
  <tr> 
    <td width="84" align="left" valign="top" class="a2<? echo $class_done ?>"> </td>
    <td width="239" align="left" valign="top" class="a2<? echo $class_done ?>"> </td>
    <td width="147" align="left" valign="top" class="a2<? echo $class_done ?>"> </td>
    <td width="148" align="left" valign="top"> </td>
    <td width="55" align = "center" valign="top"> </td>
    <td width="77" align = "center" valign="top"> </td>
    <td align = "center" valign="top"> </td>
  </tr>
  <tr> 
    <td colspan="7"> </td>
  </tr>
</table>
</body>
</html>

I'm guessing just using the $_GET and $_POST codes in the right variables will sort it???

 

You guessed correctly. The problem now however is going to find these magically appearing variables. That's the whole problem with register globals, they appear from nowhere.

To fix the form part, my guess is, that $search_type and $search_string should be replaced with $_POST['search_type'] and $_POST['search_string'] respectively. How is the page in question accessed? The query string would probably reveal the rest of the 'magical' variables.

 

Edit: Nice temp. fix thorpe, forgot about that.

:D

 

Wow, what a lifesaver! This is just what I need so that it can keep running and give me some time to sort the variables out without the client and account manager adding the pressure! Sweet, that works perfectly.

 

MANY MANY THANKS

 

p.s

Cheers for the extra help there, I will fix the variables tomorrow! For now they can go another day with the slight security risk  :-\

Turning on full php error_reporting (E_ALL) and setting display_errors on, will help you find undefined variables that for the most part are the ones that register_globals were "magically" populating. You would then need to determine where these variables are supposed to come from. These could be from any of - POST/GET/COOKIE/SESSION/SERVER/ENV.

 

Things like $PHP_SELF (which is used in your code) would need to be changed to $_SERVER['PHP_SELF']

 

Edit: I like your title, "Register Globals SUDDENLY TURNED OFFF!!!." They were in fact turned off in April 2002. No new code, new books, new tutorials, new hosting accounts should have used them after that point in time. That was a full six years ago. Those six years should have been spent by the programmers and authors of existing code making sure that their code did not depend on register globals.

 

I am guessing that your host upgraded something and forgot your custom setting or simply decided to disable anything to do with register_globals because they have been completely eliminated in upcoming php6. It is better to force anyone still using them to fix their code now, rather than have this as a roadblock to upgrading to php6 later.

Looking at your code, it is actually simple to fix.

 

All you need to do is change the $order and $offset variables to $_GET['order'] and $_GET['offset'] respectively. The same applies for the $search_string and $search_type variables except you'll want to change them to $_REQUEST['search_string'] and $_REQUEST['search_type'] instead.

 

Untested code:

<?php

include_once "db_mysql.inc";

$q = new DB_Sql;
$s = new DB_Sql;
$limit_records = 50;

// Get users group contacts list
// Set the sql order
$cont_order = 'Surname';
if(isset($_GET['order']))
{
    switch($_GET['order'])
    {
    	case "name_up":
    		$cont_order = 'Surname';
    		break;
    	case "name_dn":
    		$cont_order = 'Surname DESC';
    		break;
    	case "town_up":
    		$cont_order = 'Town,Surname';
    		break;
    	case "town_dn":
    		$cont_order = 'Town DESC,Surname';
    		break;
    	case "county_up":
    		$cont_order = 'County,Surname';
    		break;
    	case "county_dn":
    		$cont_order = 'County DESC,Surname';
    		break;

    	default:
    		$cont_order = 'Surname';
    		break;
    }
}

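// Set the criteria
// With register_globals off nothing is created implicitly, so define every variable used below.
$where         = '';
$search_string = '';   // URL-encoded copy, used only in the paging links
$search_type   = '';
// Only a known sort key is echoed back into the paging links
$order = (isset($_GET['order']) && is_string($_GET['order']) && preg_match('/^(name|town|county)_(up|dn)$/', $_GET['order'])) ? $_GET['order'] : '';

if (isset($_REQUEST['search_string']) && is_string($_REQUEST['search_string']) && $_REQUEST['search_string'] != '')
{
    $search_sql    = mysql_real_escape_string($_REQUEST['search_string']);   // for the query
    $search_string = urlencode($_REQUEST['search_string']);                  // for the links
    $search_type   = isset($_REQUEST['search_type']) ? $_REQUEST['search_type'] : '';

    switch($search_type)
    {
	case "Surname":
	    $where = ' WHERE Surname LIKE "'.$search_sql.'%" ';
	break;

	case "Town":
	    $where = ' WHERE Town LIKE "'.$search_sql.'%" ';
	break;

	case "County":
	    $where = ' WHERE County LIKE "'.$search_sql.'%" ';
	break;

	default:
	    $search_type = '';   // unknown column: no filter, nothing echoed into the links
	break;
    }
}

// Get total records for query
$sql = "SELECT COUNT(Name) AS count FROM diarylst $where";
$q->query($sql);
$q->next_record();
$count = $q->f('count');

// start point for LIMIT statement: digits only, otherwise 0
$offset = (isset($_GET['offset']) && is_string($_GET['offset']) && ctype_digit($_GET['offset'])) ? (int) $_GET['offset'] : 0;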

// Get the required records
$sql = "SELECT * FROM diarylst
	$where
	ORDER BY $cont_order
	LIMIT $offset, $limit_records
	";
/*
$sql = "SELECT CONCAT(cont_firstname,' ',cont_lastname) AS cont_name, contacts.*,comp_name,comp_tel1,comp_fax FROM contacts,company
	WHERE (comp_id = cont_comp_id)
	AND cont_personal = '0'
	ORDER BY $cont_order
	LIMIT $offset, $limit_records";
*/
$q->query($sql);

// record limit controls
$records_to = (($offset + $limit_records) > $count)? $count : ($offset + $limit_records);
$message = "[Records ".($offset + 1)." to ".$records_to." of ".$count."]";
$next = ($count > $offset + $limit_records)? ($offset + $limit_records) : 0;
$previous = $offset - $limit_records ;
$rem = ($count%$limit_records == 0)?  $limit_records : $count%$limit_records; // Records on last page
$last = $count - $rem;

if($previous >= 0) {
$first_set = '<a href="'.$_SERVER['PHP_SELF'].'?offset=0&order='.$order.'&search_string='.$search_string.'&search_type='.$search_type.'"><img src="./common/point_start_dk.gif" width="20" height="15" alt="First page" border="0"></a>';
}else{
$first_set = '<img src="./common/point_start_lt.gif" width="20" height="15" alt="No previous records" border="0">';
}
if($next) {
$next_set = '<a href="'.$_SERVER['PHP_SELF'].'?offset='.$next.'&order='.$order.'&search_string='.$search_string.'&search_type='.$search_type.'"><img src="./common/point_right_dk.gif" width="20" height="15" alt="Next page" border="0"></a>';
}else{
$next_set = '<img src="./common/point_right_lt.gif" width="20" height="15" alt="No more contacts" border="0">';
}
if($previous >= 0) {
$previous_set = '<a href="'.$_SERVER['PHP_SELF'].'?offset='.$previous.'&order='.$order.'&search_string='.$search_string.'&search_type='.$search_type.'"><img src="./common/point_left_dk.gif" width="20" height="15" alt="Previous page" border="0"></a>';
}else{
$previous_set = '<img src="./common/point_left_lt.gif" width="20" height="15" alt="No previous records" border="0">';
}
if($next) {
$last_set = '<a href="'.$_SERVER['PHP_SELF'].'?offset='.$last.'&order='.$order.'&search_string='.$search_string.'&search_type='.$search_type.'"><img src="./common/point_end_dk.gif" width="20" height="15" alt="Final page" border="0"></a>';
}else{
$last_set = '<img src="./common/point_end_lt.gif" width="20" height="15" alt="No more contacts" border="0">';
}
?>
<html>
<head>
<title>ALCD: Existing Members List</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="alcd.css" rel="stylesheet" type="text/css">
<script language="JavaScript" type="text/JavaScript">
<!--

var winOpened = null;
function openCustomWindow(goto) {
  winOpened = window.open(goto,'winDetails','toolbar=no,status=yes,menubar=no,width=350,height=400');
}
function winLink(goto) {
if (winOpened && winOpened.open && !winOpened.closed) {
	locArray = winOpened.location.href.split("/");
	if(locArray[locArray.length - 1] != goto){
		winOpened.location.href=goto;
		}
		winOpened.focus();
}else{
	openCustomWindow(goto);
}
}
//-->
</script>
</head>

<body bgcolor="#FFFFFF" text="#000000" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<table width="759" border="0" cellspacing="0" cellpadding="0" class="stdText">
  <tr>
    <td align="left" valign="middle" bgcolor="#FFFFFF"> </td>
    <td colspan="6" align="left" valign="top" bgcolor="#FFFFFF"><br>
    A = Associate<br>
F = Fellow<br>
FCL = Fellow Costs Lawyer<br><br>

      <form name="form1" method="post" action="<? print $_SERVER['PHP_SELF'] ?>">
        Search <font size="1">(all or part of name)</font>   
        <input name="search_string" type="text" id="search_string" size="20">
          
        <input name="search_type" type="radio" value="Surname" checked>
        Surname
        <input type="radio" name="search_type" value="Town">
        Town
        <input type="radio" name="search_type" value="County">
        County 
        <input type="submit" name="Submit" value="Submit">
      </form>
  </td>
  </tr>
  <tr>
    <td align="left" valign="middle" bgcolor="#FFFFFF">  </td>
    <td align="left" valign="middle" bgcolor="#FFFFFF"><? print "$first_set$previous_set$next_set$last_set" ?></td>
    <td align="left" valign="middle" bgcolor="#FFFFFF"> </td>
    <td bgcolor="#FFFFFF" colspan="4"><font size="1"><? print $message ?></font></td>
  </tr>
  <tr>
    <td> </td>
    <td><br><Br><a href="<? print $_SERVER['PHP_SELF'] ?>?order=name_up"><img src="./common/point_up.gif" width="20" height="15" border="0" alt="Order by Name Ascending"></a><a href="<? print $_SERVER['PHP_SELF'] ?>?order=name_dn"><img src="./common/point_dn.gif" width="20" height="15" border="0" alt="Order by Name Descending"></a><strong>Name</strong></td>
    <td><Br><br><a href="<? print $_SERVER['PHP_SELF'] ?>?order=town_up"><img src="./common/point_up.gif" width="20" height="15" border="0" alt="Order by Town Ascending"></a><a href="<? print $_SERVER['PHP_SELF'] ?>?order=town_dn"><img src="./common/point_dn.gif" width="20" height="15" border="0" alt="Order by Town Descending"></a><strong>Town</strong></td>
    <td><Br><br><a href="<? print $_SERVER['PHP_SELF'] ?>?order=county_up"><img src="./common/point_up.gif" width="20" height="15" border="0" alt="Order by County Ascending"></a><a href="<? print $_SERVER['PHP_SELF'] ?>?order=county_dn"><img src="./common/point_dn.gif" width="20" height="15" border="0" alt="Order by County Descending"></a><strong>County</strong></td>
    <td align="center" valign="top"><strong><Br><br>Status</strong></td>
    <td align="center" valign="top"><strong><br><Br>Details</strong></td>
    <td width="9" align="center" valign="top"> </td>
  </tr>
  <?
while ($q->next_record()) {
?>
  <tr>
    <td align="left" valign="top" class="a2<? echo $class_done ?>"> </td>
    <td align="left" valign="top" class="a2<? echo $class_done ?>">
      <? $q->p("Name") ?>
    </td>
    <td align="left" valign="top" class="a2<? echo $class_done ?>">
      <? $q->p("Town") ?>
    </td>
    <td align="left" valign="top">
      <? $q->p("County") ?>
    </td>
    <td align = "center" valign="top">
      <? $q->p("Status") ?>
    </td>
    <td align = "center" valign="top"><a href="javascript:winLink('popup_details.php?id=<? print urlencode($q->f('Name')) ?>')"><img src="./common/pencil.gif" width="20" height="15" alt="<? print $details ?>" border="0"></a></td>
    <td align = "center" valign="top"> </td>
  </tr>
  <? } ?>
  <tr>
    <td width="84" align="left" valign="top" class="a2<? echo $class_done ?>"> </td>
    <td width="239" align="left" valign="top" class="a2<? echo $class_done ?>"> </td>
    <td width="147" align="left" valign="top" class="a2<? echo $class_done ?>"> </td>
    <td width="148" align="left" valign="top"> </td>
    <td width="55" align = "center" valign="top"> </td>
    <td width="77" align = "center" valign="top"> </td>
    <td align = "center" valign="top"> </td>
  </tr>
  <tr>
    <td colspan="7"> </td>
  </tr>
</table>
</body>
</html>
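
An added example, not code from the thread or its posters: the same member-list inputs (order, offset, search_string, search_type) read explicitly, validated against whitelists, and used in bound queries and escaped links. It swaps the thread's DB_Sql and mysql_real_escape_string for PDO prepared statements, which is an assumption (PHP 7+ and a PDO handle); the function names are hypothetical.

```php
<?php
// Added example, not the thread's code. Assumes PHP 7+ and a PDO handle;
// table and column names are the page's, function names are hypothetical.
const ORDER_MAP = [   // whitelist: request key => ORDER BY clause
    'name_up'   => 'Surname',         'name_dn'   => 'Surname DESC',
    'town_up'   => 'Town, Surname',   'town_dn'   => 'Town DESC, Surname',
    'county_up' => 'County, Surname', 'county_dn' => 'County DESC, Surname',
];
const SEARCH_COLUMNS = ['Surname', 'Town', 'County'];

/** Read only the parameters the page expects; anything else is ignored. */
function member_list_params(array $get, array $post): array
{
    $in = $post + $get;   // the form posts; paging and sort links use the query string
    $str = function ($key) use ($in) {   // scalar strings only, never arrays
        return isset($in[$key]) && is_string($in[$key]) ? $in[$key] : '';
    };
    return [
        'order'         => array_key_exists($str('order'), ORDER_MAP) ? $str('order') : 'name_up',
        'search_type'   => in_array($str('search_type'), SEARCH_COLUMNS, true)
                               ? $str('search_type') : 'Surname',
        'search_string' => trim($str('search_string')),
        'offset'        => ctype_digit($str('offset')) ? (int) $str('offset') : 0,
    ];
}

/** Count and fetch one page: values are bound, identifiers come from the whitelists. */
function member_list_fetch(PDO $db, array $p, int $limit = 50): array
{
    $where = '';
    $args  = [];
    if ($p['search_string'] !== '') {
        // Escape LIKE wildcards so the input only ever matches as a literal prefix.
        $prefix = strtr($p['search_string'], ['!' => '!!', '%' => '!%', '_' => '!_']);
        $where  = " WHERE {$p['search_type']} LIKE ? ESCAPE '!'";
        $args[] = $prefix . '%';
    }
    $count = $db->prepare("SELECT COUNT(Name) FROM diarylst$where");
    $count->execute($args);
    $total = (int) $count->fetchColumn();

    // offset and limit are integers by construction, so %d formatting is safe here.
    $rows = $db->prepare(sprintf('SELECT * FROM diarylst%s ORDER BY %s LIMIT %d, %d',
        $where, ORDER_MAP[$p['order']], $p['offset'], $limit));
    $rows->execute($args);
    return ['total' => $total, 'rows' => $rows->fetchAll(PDO::FETCH_ASSOC)];
}

/** Paging/sort link: values URL-encoded, then the whole URL HTML-escaped for href. */
function member_list_link(string $self, array $p, array $override = []): string
{
    return htmlspecialchars($self . '?' . http_build_query($override + $p),
                            ENT_QUOTES | ENT_SUBSTITUTE);
}

// Constructed request: one bogus sort key, one search containing LIKE wildcards.
$p = member_list_params(['offset' => '50', 'order' => 'bogus'],
                        ['search_string' => '100%_club', 'search_type' => 'Town']);
// SCRIPT_NAME, unlike PHP_SELF, does not include client-supplied trailing path info.
echo member_list_link($_SERVER['SCRIPT_NAME'], $p, ['offset' => 100]), "\n";
```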
