richardterris Posted January 29, 2009 Share Posted January 29, 2009 Hi all, Been a while since I worked with PHP, and since im now getting more involved in MySQL, I thought I should go back to basics, and learn how to code PHP properly. I've started off with a real basic example of an HTML form "<html> <body> <FORM ACTION="welcome.php" METHOD=GET> First Name: <INPUT TYPE=TEXT NAME="firstname"><BR> Last Name: <INPUT TYPE=TEXT NAME="lastname"> <INPUT TYPE=SUBMIT VALUE="GO"> </FORM> </body> </html" called index.php and <?php echo "Welcome to our Web site, $firstname $lastname!" ; ?>" called welcome.php I know this code isnt valid, and is generally pretty messy, but since its just some exercises im not too concerned.... As far as i know this code is sound, in that it should take the 2 names, and pass them along with the url ? When i enter the names and click "go", im getting the output "welcome to our website," I know that its an apache server, and that PHP Myadmin is installed - I recently connected to MySQL Db through it, but i cant help but get the feeling that some setting somewhere isnt right, because i think this code, sloppy as it is, should work. Am i going mad? can anyone help? Thanks, RjT Quote Link to comment Share on other sites More sharing options...
rhodesa Posted January 29, 2009 Share Posted January 29, 2009 the feature you are talking about is register_globals...and for security reasons is off by default. the way to do this now is: <?php echo "Welcome to our Web site, '{$_GET['firstname']}' '{$_GET['lastname']}'!" ; ?> Quote Link to comment Share on other sites More sharing options...
CroNiX Posted January 29, 2009 Share Posted January 29, 2009 It probably doesn't matter, but GET should have quotes around it: <FORM ACTION="welcome.php" METHOD=GET> Quote Link to comment Share on other sites More sharing options...
richardterris Posted January 29, 2009 Author Share Posted January 29, 2009 Hey Thanks for that - thought i was going mad.... but i did suspect that it was something enabled or disabled so why is this feature disabled now? Quote Link to comment Share on other sites More sharing options...
CroNiX Posted January 29, 2009 Share Posted January 29, 2009 Its a big security risk and should never had existed in the first place, if you are referring the the "registered globals" Quote Link to comment Share on other sites More sharing options...
genericnumber1 Posted January 29, 2009 Share Posted January 29, 2009 See here for why register_globals can be very bad. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.