richardterris Posted January 29, 2009 Share Posted January 29, 2009 Hi all, Been a while since I worked with PHP, and since im now getting more involved in MySQL, I thought I should go back to basics, and learn how to code PHP properly. I've started off with a real basic example of an HTML form "<html> <body> <FORM ACTION="welcome.php" METHOD=GET> First Name: <INPUT TYPE=TEXT NAME="firstname"><BR> Last Name: <INPUT TYPE=TEXT NAME="lastname"> <INPUT TYPE=SUBMIT VALUE="GO"> </FORM> </body> </html" called index.php and <?php echo "Welcome to our Web site, $firstname $lastname!" ; ?>" called welcome.php I know this code isnt valid, and is generally pretty messy, but since its just some exercises im not too concerned.... As far as i know this code is sound, in that it should take the 2 names, and pass them along with the url ? When i enter the names and click "go", im getting the output "welcome to our website," I know that its an apache server, and that PHP Myadmin is installed - I recently connected to MySQL Db through it, but i cant help but get the feeling that some setting somewhere isnt right, because i think this code, sloppy as it is, should work. Am i going mad? can anyone help? Thanks, RjT Link to comment https://forums.phpfreaks.com/topic/142885-simple-i-dont-think-so/ Share on other sites More sharing options...
rhodesa Posted January 29, 2009 Share Posted January 29, 2009 the feature you are talking about is register_globals...and for security reasons is off by default. the way to do this now is: <?php echo "Welcome to our Web site, '{$_GET['firstname']}' '{$_GET['lastname']}'!" ; ?> Link to comment https://forums.phpfreaks.com/topic/142885-simple-i-dont-think-so/#findComment-749110 Share on other sites More sharing options...
CroNiX Posted January 29, 2009 Share Posted January 29, 2009 It probably doesn't matter, but GET should have quotes around it: <FORM ACTION="welcome.php" METHOD=GET> Link to comment https://forums.phpfreaks.com/topic/142885-simple-i-dont-think-so/#findComment-749114 Share on other sites More sharing options...
richardterris Posted January 29, 2009 Author Share Posted January 29, 2009 Hey Thanks for that - thought i was going mad.... but i did suspect that it was something enabled or disabled so why is this feature disabled now? Link to comment https://forums.phpfreaks.com/topic/142885-simple-i-dont-think-so/#findComment-749117 Share on other sites More sharing options...
CroNiX Posted January 29, 2009 Share Posted January 29, 2009 Its a big security risk and should never had existed in the first place, if you are referring the the "registered globals" Link to comment https://forums.phpfreaks.com/topic/142885-simple-i-dont-think-so/#findComment-749122 Share on other sites More sharing options...
genericnumber1 Posted January 29, 2009 Share Posted January 29, 2009 See here for why register_globals can be very bad. Link to comment https://forums.phpfreaks.com/topic/142885-simple-i-dont-think-so/#findComment-749139 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.