Script Annoyance... register_globals =on Vs off

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
mmanders
Forum Newbie
Posts: 23
Joined: Sun Jan 16, 2005 7:13 pm

Script Annoyance... register_globals =on Vs off

Post by mmanders »

Hey,

My site developed on a home setup apache/php/mysql server works fine here. My university web space where the site must be uploaded does not run the scripts correctly. They have and older version of PHP with register_globals set to On... I cannot modify this thru .htaccess as AllowOverrides None has been set for my dir.

How do I rewrite, or what needs to be changed in a script to port code written for register_globals = off to register_globals = on

Thanks
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

typically nothing. Maybe you should post your code.
rehfeld
Forum Regular
Posts: 741
Joined: Mon Oct 18, 2004 8:14 pm

Post by rehfeld »

also, what specific php version are they running?
mmanders
Forum Newbie
Posts: 23
Joined: Sun Jan 16, 2005 7:13 pm

Post by mmanders »

here is the relevant php, there is html in between but so i can paste it in i have ommited it:

Code: Select all

<?php
session_start();
$path = ini_get('include_path');
$sep = PATH_SEPARATOR;
$docRoot = $_SERVER&#1111;'DOCUMENT_ROOT'];
$dirName = dirname($_SERVER&#1111;'PHP_SELF']);
ini_set('include_path', $path . $sep . $docRoot . '/phpIncludes' . $sep . $docRoot . $dirName . '/login');
include_once('common.php');
include_once('db.php');

$uid = isset($_POST&#1111;'uid']) ? $_POST&#1111;'uid'] : $_SESSION&#1111;'uid'];
$pwd = isset($_POST&#1111;'pwd']) ? $_POST&#1111;'pwd'] : $_SESSION&#1111;'pwd'];

if(!isset($uid)) &#123;
?>
<html>
...
a form to collec tthe login details
...
</html>
<?php
exit;
&#125;

$_SESSION&#1111;'uid'] = $uid;
$_SESSION&#1111;'pwd'] = $pwd;

//dbConnect("elearn");
dbConnect("ceemrm1");
$sql = "SELECT * FROM user WHERE
        username = '$uid' AND password = PASSWORD('$pwd')";

$result = mysql_query($sql);

if (!$result)
&#123;
  error('A database error occurred while checking your '.
        'login details.\\nIf this error persists, please '.
        'contact webmaster@realisedesign.co.uk.');
&#125;

if (mysql_num_rows($result) == 0) &#123;
  unset($_SESSION&#1111;'uid']);
  unset($_SESSION&#1111;'pwd']);
  include("accessdenied.php");
  exit;
&#125;

$username = mysql_result($result,0,'firstname');
$surname = mysql_result($result,0,'surname');
?>

feyx | fixed

Code: Select all

tags[/color]
mmanders
Forum Newbie
Posts: 23
Joined: Sun Jan 16, 2005 7:13 pm

Post by mmanders »

This code is a header to every protected page... If this is at home, the user is prompted to login if the session variables are not set, at uni, they are shown the protected cotent, and when they signout and try and return to a protected page, they are again show the protected content without being challenged for a password.

the uni url is http://www.macs.hw.ac.uk/~ceemrm1/project

Hope this helps
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

it sounds/looks like they have a version of php that doesn't have the $_SERVER style superglobals.. you'll need to convert them to $HTTP_SERVER_VARS and the like..
mmanders
Forum Newbie
Posts: 23
Joined: Sun Jan 16, 2005 7:13 pm

Post by mmanders »

They have the same variable_order as me, and use 4.3.4 of PHP... $_SERVER works because otherwise I would get an error about including files because the include path would not be set correctly.

Is it possible that $_SESSIONS does not work? In that case, can you direct me to somewhere that will show me hwo to convert $_SESSION to HTTP_SESSION_VARS !?

Thanks
Post Reply