Passing Variables w/ PHP 5.1.5

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
ibanez270dx
Forum Commoner
Posts: 74
Joined: Thu Jul 27, 2006 12:06 pm
Location: Everywhere, California

Passing Variables w/ PHP 5.1.5

Post by ibanez270dx »

Hi,
I have a portion of code in my PHP program that works on my personal server, but not on the freshly installed server here at work... Originally, my server had PHP version 4.3.11, whereas my new server has PHP 5.1.5. Here is the problem... This snippet of code no longer can pass the variables to the next page:

Code: Select all

<a href="export.php?w=1&month=<? echo $today_month; ?>&year=<? echo $today_year; ?>&listorder=<? echo $listorder; ?>&filename=<? echo $thefilename; ?>" name="2excel" class="print" target="_blank"><img src="images/excel.gif" border="0"> <b>Export to Excel</b></a>
However, when I use sessions, it works. I don't know what could be wrong... I'm thinking it has to do with configuration settings somehow, but I don't know what...

Thanks,
- Jeff
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

I would guess short tags are off ("A good thing.")

<? to <?php
ibanez270dx
Forum Commoner
Posts: 74
Joined: Thu Jul 27, 2006 12:06 pm
Location: Everywhere, California

Post by ibanez270dx »

nah, I used <?php ... but I found out what was wrong - register_globals was turned off, so I had to switch it on in php.ini
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Do not turn them on. Bad, bad, bad monkey. :)

I'm serious though, don't have them on. Code properly by using $_GET, $_POST, $_COOKIE, $_SESSION and $_SERVER. Do not use $_REQUEST unless you know exactly what you're doing. Both register_globals and short_tags are being removed from PHP shortly. I don't want to see hundreds, although I know I will, of threads on "my code doesn't work anymore" when that happens.
ibanez270dx
Forum Commoner
Posts: 74
Joined: Thu Jul 27, 2006 12:06 pm
Location: Everywhere, California

Post by ibanez270dx »

Thanks for the heads up!
User avatar
Ollie Saunders
DevNet Master
Posts: 3179
Joined: Tue May 24, 2005 6:01 pm
Location: UK

Post by Ollie Saunders »

Do not use $_REQUEST unless you know exactly what you're doing.
This makes me think. What would be a legitmate use for $_REQUEST?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

ole wrote:This makes me think. What would be a legitmate use for $_REQUEST?
The only time I can safely say it's "okay" to use is when you peek at the ini setting that controls it and the setting matches what you're looking for. Remember that the order in which the letters appear alters which super global goes first and so forth.

http://php.net/ini.core#ini.variables-order
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

What's so bad about _REQUEST? Isn't user input considered unsecure/harmful until proven otherwise -regardless of the method?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

volka wrote:What's so bad about _REQUEST? Isn't user input considered unsecure/harmful until proven otherwise -regardless of the method?
True, it is, but using it can cause some phantom errors or other potentially unexpected results.

For example, if your local server runs with GP while your host runs PG and you aren't checking, you could accidentally use the wrong data. As long as proper checks are done, you should, overall, be fine.
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

if two parameters with the same name do different things depending on wether they are sent via get or post in the same request imho the application has a bigger problem than the use of _REQUEST.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

volka wrote:if two parameters with the same name do different things depending on wether they are sent via get or post in the same request imho the application has a bigger problem than the use of _REQUEST.
Quite true, but that's a different story. :)
Post Reply