Hi:
following are two very short code, I am stick in the variable problem, can someone can me? THanks!
this is the code of html file I open first
<HTML>
<HEAD></HEAD>
<BODY>
<FORM method="get" action="text.php">
WHo is your favourite authors?
<INPUT name="aaa" type="text">
<br>
<br>
<input type=submit>
</FORM>
</BODY>
</HTML>
This is the code in text. php in the same root directory
<HTML>
<HEAD></HEAD>
<BODY>
Your favorite author is:
<?php
echo $aaa;
?>
</BODY>
</HTML>
when I open the first page and click submi buttont,
how the outcome shows so?
Your favorite author is:
Notice: Undefined variable: aaa in c:\inetpub\wwwroot\text.php on line 6
I think the variable has already sent to the php engine, then why can not find variable of aaa.
I am sure there is no any problem about the upper case and lower case.
Thanks
One beginner's variable problem
Moderator: General Moderators
-
lancet2003
- Forum Newbie
- Posts: 20
- Joined: Sat Aug 09, 2003 11:29 pm
-
lancet2003
- Forum Newbie
- Posts: 20
- Joined: Sat Aug 09, 2003 11:29 pm
I got it. thanks
I set register_globals to on, then it is OK.
Thanks
Thanks
You should always have register globals off, if you have the choice.
With register globals off, the $aaa var doesn't exist - hence your undefined variable error - but it DOES exist as $_GET['aaa']. Register globals on is simply declaring all the superglobal GET vars (and others) automatically into the script's scope. That is a huge security risk if you have a carelessly written script with undefined vars or indexes.
So, turn reg globs back off and access GET vars directly from the superglobal $_GET array. While you're at it, change the form action from GET to POST: it's slightly more secure since hackers have to go to the trouble of forging a form rather than simply typing in some GET vars in the browser address bar.
With register globals off, the $aaa var doesn't exist - hence your undefined variable error - but it DOES exist as $_GET['aaa']. Register globals on is simply declaring all the superglobal GET vars (and others) automatically into the script's scope. That is a huge security risk if you have a carelessly written script with undefined vars or indexes.
So, turn reg globs back off and access GET vars directly from the superglobal $_GET array. While you're at it, change the form action from GET to POST: it's slightly more secure since hackers have to go to the trouble of forging a form rather than simply typing in some GET vars in the browser address bar.
-
lancet2003
- Forum Newbie
- Posts: 20
- Joined: Sat Aug 09, 2003 11:29 pm
thanks
thanks all, I got it.