Jump to content


Photo

help with register_globals


  • Please log in to reply
No replies to this topic

#1 rasheedn

rasheedn
  • New Members
  • Pip
  • Newbie
  • 5 posts

Posted 22 April 2006 - 03:55 PM

hey
i built my site on local host with apache and myphpadmin
everything was fine! didn't know that for some reason register_globals was on NOT off!!
i even uploaded it on a friends server and it worked fine! (could only keep it there for a few hours)

now uploaded it to the host and bang! they got the off!! and wont' change them of course for security reason!
i've read the onlnie help but still don't get what else i need to do
everything works fine
except when i load some1's data the buttons stop working
here's the website u can see what i mean
[a href=\"http://www.fisk.me.uk/rasheed/\" target=\"_blank\"]http://www.fisk.me.uk/rasheed/[/a]

i have used the extract and all that and still the buttons dont' work after i load some1's data!!

here's some of my code (the part to do with the buttons.

<? session_start(); ?>
<html>
<body>
<?php
include("filledforms.php");
include ("service_page.php");
//ini_set('error_reporting', E_ALL);
$_SESSION['History_id'];
$_SESSION['Cust_id'];
extract($_POST);extract($_GET);

if($_POST['Save']){ //this Save is not the one on the main page its on the service page
extract($_POST);extract($_GET);

sp($PHP_SELF);

} else if ($_GET['History_id']) { // this will display the history details
extract($_POST);extract($_GET);

$History_id = $_GET['History_id'];

$result = mysql_query("SELECT `History_id` , `Serv_date` , `Short_desc` , `Mot` , `Serv_details` , `Part_charge` , `Labor` , `Mot_charge` FROM `service` WHERE 1 AND `History_id` = '$History_id'");

$myrow = mysql_fetch_array($result);
$Serv_date = $myrow[Serv_date];
$Short_desc = $myrow[Short_desc];
$Mot = $myrow[Mot];
$Serv_details = $myrow[Serv_details];
$Part_charge = $myrow[Part_charge];
$Labor = $myrow[Labor];
$Mot_charge = $myrow[Mot_charge];
$Total = 0 + $Part_charge + $Labor + $Mot_charge;
$VAT =0.175*$Total;
$GTOTAL = $VAT + $Total;

service_page(&$PHP_SELF , $Serv_date,$Short_desc,$Mot,$Serv_details,$Part_charge,$Labor,$Mot_charge,$Total,$VAT,$GTOTAL);


}else if($_GET['Cust_id']){ // this will display the search results
extract($_POST);extract($_GET);

$Cust_idd= $_GET['Cust_id'];

$result = mysql_query("SELECT `Cust_id` , `First_name` , `Last_name` , `Address` , `Post_code` , `Phone_number` , `Mobile_number` , `Number_plate` , `Car` , `Model` , `Year` , `Mot_exp`
FROM `customer`
WHERE 1 AND `Cust_id` = '$Cust_idd' ");

$myrow = mysql_fetch_array($result);
$Cust_id = $myrow[Cust_id];
$First_name = $myrow[First_name];
$Last_name = $myrow[Last_name];
$Address = $myrow[Address];
$Post_code = $myrow[Post_code];
$Phone_number = $myrow[Phone_number];
$Mobile_number = $myrow[Mobile_number];
$Number_plate = $myrow[Number_plate];
$Car = $myrow[Car];
$Model = $myrow[Model];
$Year = $myrow[Year];
$Mot_exp = $myrow[Mot_exp];

$_SESSION['Cust_id'] = $Cust_id;

main_page_wv(&$PHP_SELF , $First_name , $Last_name , $Address , $Post_code , $Phone_number , $Mobile_number , $Number_plate , $Car , $Model , $Year , $Mot_exp);

$result2 = mysql_query("SELECT `Cust_id` , `History_id` , `Serv_date` , `Short_desc` , `Mot` , `Serv_details` , `Part_charge` , `Labor` , `Mot_charge` FROM `service` WHERE 1 AND `Cust_id` = '$Cust_id'");

$howmanyrows2=mysql_num_rows($result2);
$myrow2 = mysql_fetch_array($result2);

if ($myrow2 > 0){
echo "<b>History:</b> ","<br />\n" ;
do { //print the history for the current user

echo "<a href=\"".$PHP_SELF."?History_id=".$myrow2["History_id"]."\">".$myrow2["Serv_date"]." - ".$myrow2['Short_desc']."</a><br>";
echo "<br />\n";

} while ($myrow2 = mysql_fetch_array($result2));

}






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users