Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Go Back   Wrox Programmer Forums > PHP/MySQL > Beginning PHP
Password Reminder
Register
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read
Beginning PHP Beginning-level PHP discussions. More advanced coders should post to the Pro PHP forum.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the Beginning PHP section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
Reply
 
Thread Tools Search this Thread Display Modes
  #11 (permalink)  
Old June 12th, 2003, 11:22 AM
Registered User
 
Join Date: Jun 2003
Location: São Paulo, SP, Brazil.
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Weel... as NotNowJohn has said, if register_globals=off, the Frank's solution won't work. If register_globals=on, it works, but you're actually using a copy of the variable, not the variable itself. So, if you're trying to use an environment variable, for example, using $_ENV['nameofvariable'] assures that. If you use the copy, I mean, only $nameofvariable, its value can be changed by the url. It seems a bit dangerous, doesn't it? The performance (because php needs to copy the values of environment, get, post, session and cookies variables) is decreased...
In other words, keep register_globals=off and get used to it.

:o)
Fernando.
Reply With Quote
  #12 (permalink)  
Old June 13th, 2003, 12:32 AM
Authorized User
 
Join Date: Jun 2003
Location: , , Germany.
Posts: 26
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Hi all,

thanks for reply, I'm discovering right now the greate flexibility of $HTTP_GET_VARS and $HTTP_POST_VARS.

Cheers,
Frank
Reply With Quote
  #13 (permalink)  
Old June 19th, 2003, 12:55 PM
Friend of Wrox
Points: 2,570, Level: 21
Points: 2,570, Level: 21 Points: 2,570, Level: 21 Points: 2,570, Level: 21
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jun 2003
Location: San Diego, CA, USA
Posts: 836
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Do _NOT_ use $HTTP_xxx_VARS. Use $_xxx instead.

HTTP_xxx_VARS was deprecated a long time ago now. They still work but they act quite differently than their $_xxx superglobal counterparts.

$_xxx vars are "superglobals", whereas $HTTP_xxx_VARS are regular variables. That means that $_xxx is always in scope, even within a function. You don't have to import it into function or class scope.

Also -- the variables stored in HTTP_xxx_VARS are COPIES of the values in the superglobals. Changing one does not change the other. Same thing with $_REQUEST.

$_REQUEST is also a Bad Thing (imho) because you, the programmer, should know where your data is coming from. When you use $_REQUEST, you're saying "I'll take this value from wherever it comes in, be it GET, POST, or SESSION."

That sounds a lot like a lazy assumption, and laziness is the root of almost all bugs and security holes.

With $_REQUEST, there is always the chance that there will be variable naming conflicts. Suppose you have a session variable named "username", and someone submits a form with an input field named "username". If, on the recieving page of that script, you access the value via $_REQUEST['username'], which username are you getting?

Are you sure it's the right one? Why not always be explicit?

For more info, read my old FAQ at:

http://p2p.wrox.com/archive/beginnin...2002-11/17.asp


Take care,

Nik
http://www.bigaction.org/
Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
SQL query retrieving last record and group by snowy SQL Language 2 December 13th, 2006 01:59 PM
Problem retrieving string value of XML document wslyhbb Javascript How-To 0 September 19th, 2006 08:16 AM
Query String Baby_programmer ASP.NET 1.0 and 1.1 Basics 3 December 24th, 2004 11:14 AM
Quotes in SQL String Retrieving Access Data ritag Access VBA 5 November 17th, 2004 06:04 PM



All times are GMT -4. The time now is 03:09 PM.


Powered by vBulletin®
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.