PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Hi,
I have a portion of code in my PHP program that works on my personal server, but not on the freshly installed server here at work... Originally, my server had PHP version 4.3.11, whereas my new server has PHP 5.1.5. Here is the problem... This snippet of code no longer can pass the variables to the next page:
However, when I use sessions, it works. I don't know what could be wrong... I'm thinking it has to do with configuration settings somehow, but I don't know what...
I'm serious though, don't have them on. Code properly by using $_GET, $_POST, $_COOKIE, $_SESSION and $_SERVER. Do not use $_REQUEST unless you know exactly what you're doing. Both register_globals and short_tags are being removed from PHP shortly. I don't want to see hundreds, although I know I will, of threads on "my code doesn't work anymore" when that happens.
ole wrote:This makes me think. What would be a legitmate use for $_REQUEST?
The only time I can safely say it's "okay" to use is when you peek at the ini setting that controls it and the setting matches what you're looking for. Remember that the order in which the letters appear alters which super global goes first and so forth.
volka wrote:What's so bad about _REQUEST? Isn't user input considered unsecure/harmful until proven otherwise -regardless of the method?
True, it is, but using it can cause some phantom errors or other potentially unexpected results.
For example, if your local server runs with GP while your host runs PG and you aren't checking, you could accidentally use the wrong data. As long as proper checks are done, you should, overall, be fine.
if two parameters with the same name do different things depending on wether they are sent via get or post in the same request imho the application has a bigger problem than the use of _REQUEST.
volka wrote:if two parameters with the same name do different things depending on wether they are sent via get or post in the same request imho the application has a bigger problem than the use of _REQUEST.