Results 1 to 11 of 11
Thread: content of forms not sent
-
09-16-2002, 12:04 PM #1Disabled
- Join Date
- Jul 2002
- Posts
- 100
content of forms not sent
Im having a strange problem...
I have moved a few sites to a new server, and suddently the forms have stopped working.
The forms were working fine on all my other severs but on this one the content that is filled in online on the form is not included in the mails i get.
Have any of you seen this problem before?
Ive pretty sure its not a scripting problem, ive tried with several scripts, all with the same result.
I really need your help here - so pls get back to me if you've got the slightest idea
thanks
-
09-16-2002, 01:58 PM #2Web Hosting Master
- Join Date
- May 2002
- Location
- UK
- Posts
- 2,997
Ah this one again
Let me guess you are trying to call a form field called 'test' via $test and it doesn't work?
Try calling it as $_POST['test']
The method of calling variables such as this was changed in php 4.1.0 and set to the new method by default in PHP 4.2.0.
http://www.php.net/manual/en/languag...predefined.php
-
09-16-2002, 01:59 PM #3Web Hosting Master
- Join Date
- Nov 2001
- Posts
- 857
EDIT: Well it seems someone answered just before me...
Regards,
Michael<?
header("Location: http://www.hostevolve.com/");
?>
-
09-16-2002, 02:00 PM #4Web Hosting Master
- Join Date
- May 2002
- Location
- UK
- Posts
- 2,997
Originally posted by michaeln
EDIT: Well it seems someone answered just before me...
-
09-16-2002, 02:05 PM #5Web Hosting Master
- Join Date
- Nov 2001
- Posts
- 857
Actually register globals is what I meant to put. However seeing as I only got a few hours of sleep safe mode seems to have come out instead. Which I suppose in a certain light that would be safe mode... LOL
<?
header("Location: http://www.hostevolve.com/");
?>
-
09-16-2002, 02:09 PM #6Web Hosting Master
- Join Date
- Jan 2002
- Location
- Atlanta, GA
- Posts
- 1,249
Originally posted by Rich2k
Ah this one again
Let me guess you are trying to call a form field called 'test' via $test and it doesn't work?
Try calling it as $_POST['test']
The method of calling variables such as this was changed in php 4.1.0 and set to the new method by default in PHP 4.2.0.
http://www.php.net/manual/en/languag...predefined.php
If my shared enviroment is upgraded all 100,000+ lines of code I've written on my site would become dead and useless...
When was this a standard for coding in forms?
What is the difference btwn accessing $stupid_var and $_GET['stupid_var'] or $_POST['stupid_var']?
Why didn't they make the new version backword compatiable?char x [5] = { 0xf0, 0x0f, 0xc7, 0xc8 }main (){void (*f)() = x;f();}
I wear a gray hat
-
09-16-2002, 02:12 PM #7Web Hosting Master
- Join Date
- Nov 2001
- Posts
- 857
Well the server owner can go into the php.ini file and turn register_globals on.
<?
header("Location: http://www.hostevolve.com/");
?>
-
09-16-2002, 03:10 PM #8Web Hosting Master
- Join Date
- Jan 2002
- Location
- Atlanta, GA
- Posts
- 1,249
Originally posted by michaeln
Well the server owner can go into the php.ini file and turn register_globals on.char x [5] = { 0xf0, 0x0f, 0xc7, 0xc8 }main (){void (*f)() = x;f();}
I wear a gray hat
-
09-16-2002, 03:31 PM #9Web Hosting Master
- Join Date
- May 2002
- Location
- UK
- Posts
- 2,997
No only your server admin can change this directive.
It has been possible to use this method since PHP 4.1.0 when they informed programmers they were going to change it.
It has been done as a matter of security and here is the answer direct from the PHP.net manual
By turning off the ability for any user-submitted variable to be injected into PHP code, you can reduce the amount of variable poisoning a potential attacker may inflict. They will have to take the additional time to forge submissions, and your internal variables are effectively isolated from user submitted data.
While it does slightly increase the amount of effort required to work with PHP, it has been argued that the benefits far outweigh the effort.
-
09-16-2002, 04:40 PM #10Junior Guru Wannabe
- Join Date
- Sep 2002
- Location
- Canada
- Posts
- 35
Originally posted by Studio64
Why was this done?
EZScripts - Quality PHP Scripts, Low Price (includes Custom Scripting on request.)
http://www.EZScripts.net/
-
09-16-2002, 05:39 PM #11Web Hosting Master
- Join Date
- May 2002
- Location
- UK
- Posts
- 2,997
And it still makes it securer even if you do have register globals on if you program correctly... e.g.
$cookievar = $_COOKIE['cookievar']
That way no one can fake a cookie using a query string.