Page 1 of 1

How to edit code to not require register_globals?

Posted: Mon Sep 10, 2007 2:08 pm
by tdp
Good afternoon.....I am pretty much a newbie at PHP and I bought some script from a gentleman a while back and now I am unable to get in touch with him. The script is a "multi-file uploader" script that will allow individuals to upload files to me. I have made the changes to the script as I was directed, but still can't get it to work. If anyone can take a look at this, it would be most appreciated. There are 3 files: config_mfuploaderII.php, mfuploaderII.php & style_mfuploaderII.css

***********************************************

config_mfuploaderII.php

***** PLEASE USE

Code: Select all

AND OTHER TAGS FOR CODE *****[/color]

Code: Select all

<?
/*
	Multifile Uploader Script - 
	Author : 
	Contact : 
	Last Modified : May 8, 2005
	
*/
$basePATH = "/home/tdpearce/public_html/uploaded/"; // Full PATH to script dir
$baseURL = "http://www.digitaltributedesign.com/uploaded/"; // Full URL to script dir
$stylesheet = "style_mfuploaderII.css"; // relative path to stylesheet
// images
$foldericon = "images/folder.gif";
$imageicon = "images/image.gif";
$othericon = "images/text.gif";


$showstatusDir = "yes"; // confirms directory on status report
$numUploads = "15"; // Number of upload blanks to be shown on page
$limitFiles = "yes"; // Allow only certain filetypes?
$showAllowedFiles = "yes"; // 
$allowedFiles = array("jpg", "gif", "png", "bmp"); // Allowed filetypes
$mainTableWidth = "75%";
$showCopyright = "yes"; // not required

// Security
$reqSecure = "yes"; // Passcode control?
$profile = array(
	// add as many profiles as you like or change any permissions for the following profiles
   "admin" => array(
      "allowFileDelete" => true,			// delete Files
      "allowDirDelete" => true,				// delete Directories
      "allowChangeDir" => true,				// create Files
      "allowCreateDir" => true,				// create Directories
	  "allowViewGraphic" => true			// view images
   ),
   "trusteduser" => array(
      "allowFileDelete" => true,
      "allowDirDelete" => true,
      "allowChangeDir" => true,
      "allowCreateDir" => false,
	  "allowViewGraphic" => true
   ),
   "regularuser" => array(
      "allowFileDelete" => false,
      "allowDirDelete" => false,
      "allowChangeDir" => true,
      "allowCreateDir" => false,
	  "allowViewGraphic" => true
   ),
   "restricteduser" => array(
      "allowFileDelete" => false,
      "allowDirDelete" => false,
      "allowChangeDir" => false,
      "allowCreateDir" => false,
	  "allowViewGraphic" => true
   ),
//  "nosecurityuser" is profile used if you have $reqSecure = no  
   "nosecurityuser" => array(
      "allowFileDelete" => false, 
      "allowDirDelete" => false,
      "allowChangeDir" => true,
      "allowCreateDir" => false,
	  "allowViewGraphic" => true
   )
);
$user = array(
// add as many users as you need
// format : "username" =>array("password" =>"password assigned by admin","profile" =>"assign profile from above")
   "****" => array("password" => "****","profile" => "admin"),

);
$notsecureprofile = "nosecurityuser"; // profile if no password security on script

// Screen Text & Error Messages - can be changed to any language
$caption = "DIGITAL TRIBUTE DESIGN MULTIFILE UPLOADER/MANAGER";
$loginpageMsg = "Please Enter Your Username and Passcode";
$usernameText = "Username";
$passwordText = "Passcode :";
$loggedonText = "Logged On";
$loginButtonText = "Go To Upload Section";
$logoutText = "logout now";
$directorysectionTitle = "DIRECTORY & FILE LIST ";
$deleteMsg = "Are you sure you want to delete....";
$yesMsg = "YES";
$noMsg = "NO";
$diddeleteMsg = "Deleted....";
$cannotdeleteMsg_1 = "The directory";
$cannotdeleteMsg_2 = "could not be deleted. It must be empty before you can delete it.";
$changeddirMsg = "Moved to directory....";
$makedirectoryTitle = "CREATE A NEW DIRECTORY";
$makedirText = "Directory Name";
$makedirButtonText = "Create Now!";
$existsMsg_1 = "The directory";
$existsMsg_2 = "already exists";
$createddirMsg = "Created the new directory....";
$backlinkText = "ROOT [back]";
$viewText = "View";
$deletelinkText = "DELETE";
$typeText = "Type";
$nameText = "Name";
$sizeText = "Size";
$modifiedText = "Modified";
$uploadsectionTitle = "SELECT FILES TO UPLOAD";
$directorywarningMsg = "- Be Sure You Are At The Correct Directory";
$allowedfiletypesText = "Allowed Filetypes";
$lineText	=	"File";
$uploadButtonText = "Upload Files";
$statusMsg = "Upload Status :";
$nofileMsg = "No file selected for upload";
$notallowedMsg = "NOT ALLOWED";
$existsMsg = "ALREADY EXISTS";
$successMsg = "has been uploaded";
$linkSpacer = " <b> : </b> ";
?>


***************************************

[u]mfuploaderII.php[/u]

<?
/*
	Multifile Uploader Script 
	Author : 
	Contact : 
	Last Modified : May 8, 2005
	
*/
include("config_mfuploaderII.php");
if(!$wkgdir) $wkgdir="/";
	
// table framing whole page
$pageTop = "<html><head><title>$caption</title><link href=$stylesheet rel=stylesheet type=text/css></head><body><div align=\"center\" class=caption><a href=\"index.php\">$caption</a></div><div align=\"center\"><table width=$mainTableWidth border=0><tr><td>";

$pageBottom = "</td></tr></table></div></html></body>";

if($showCopyright == "yes")	{
		$pre = "Please name the photos with the funeral home name, the client's last name and then sequentially in the order you would like them to appear (e.g. funeralhome-smith001.jpg)";
		$version = "1.0";
		$startdate = "2003";
		
$copyright ="&nbsp;<p><div align=center class=copybar>$pre";
}

// session management
if($reqSecure == "yes")	{
	session_start();
if (!session_is_registered("mfupload")) {
      if (isset($_POST["username"]) && isset($_POST["password"]) && isset($user[$_POST["username"]]) && ($_POST["password"] == $user[$_POST["username"]]["password"])) {
			session_register("mfupload");
			$_SESSION["mfupload"] = $_POST["username"];
			header("Location: $PHP_SELF");
			exit;
		} 
	  else {
// login page
         echo $pageTop;
		 echo "&nbsp;<p><div align=\"center\" class=sitetag>$loginpageMsg</div>";
         echo "&nbsp;<p><div align=\"center\"><table border=0>";
         echo "<form name=loginform method=post action=$PHP_SELF>";
         echo "<tr><th>$usernameText</th><td><input type=text name=username style=\"width: 135px;\"></td></tr>";
         echo "<tr><th>$passwordText</th><td><input type=password name=password style=\"width: 135px;\"></td></tr>";
         echo "<tr><th>&nbsp;</th><td><input type=submit class=button value=\"$loginButtonText\" style=\"width: 135px;\"></td></tr>";
         echo "</form></table></div>";
         echo "<script language=javascript>document.loginform.username.select();document.loginform.username.focus();</script>";
		 echo $copyright;
		 echo $pageBottom;
         exit;
		}
	}
else	{
         $username = $_SESSION["mfupload"];
      }
}//end of if $reqSecure

	// kill session
if($_GET["action"]=="logout")	{
	 session_unset("mfupload");
         header("Location: $PHP_SELF");
         exit;
} 

// User Permission Settings
if(!session_is_registered("mfupload"))	{
$userprofile = $notsecureprofile;
}
else	{
$userprofile = $user[$username]["profile"];
}

$allowFileDelete = $profile[$userprofile]["allowFileDelete"];
$allowDirDelete = $profile[$userprofile]["allowDirDelete"];
$allowChangeDir = $profile[$userprofile]["allowChangeDir"];
$allowCreateDir = $profile[$userprofile]["allowCreateDir"];
$allowViewGraphic = $profile[$userprofile]["allowViewGraphic"];


function page_detail(){
	include("config_mfuploaderII.php");
	global $userprofile,$allowFileDelete,$allowChangeDir,$allowCreateDir,$allowViewGraphic;
	global $basePATH,$wkgdir,$msg2,$msg_upload,$action,$file,$image,$fileurl;
	
	if($allowCreateDir)	{
	$makenewdir = "&nbsp;<br><div align=\"left\"><li><b>$makedirectoryTitle</b></div><div align=\"center\"><table border=\"0\" width=\"100%\" class=bodytable><form method=\"post\" action=\"$PHP_SELF\"><input type=\"HIDDEN\" name=\"action\" value=\"mkdir\"><input type=\"HIDDEN\" name=\"wkgdir\" value=\"$wkgdir\"><tr><th style=\"width: 20%;\"> $makedirText </td><td><input type=\"text\" name=\"mkdirfile\" style=\"width: 100%;\"></td><td style=\"width: 20%;\"><input type=\"submit\" name=\"mkdir\"  value=\"$makedirButtonText\" class=button></td></tr></form></table></div>";
	}
	$backlink = "<div align=\"center\"><table border=\"0\" width=\"100%\"><tr><td><div align=\"left\"><A HREF=\"$PHP_SELF?action=root\">«$backlinkText</a></div></td></tr></table></div";

	if($action == "" || $action == "root")	{ 
		echo $makenewdir;
		}
		else	{
			echo $backlink;
			}
	echo "<div align=\"center\"><table border=\"0\" width=\"100%\">";
	if($msg2 !="")	{
		echo " <tr><td colspan=\"2\" class=msg_table>$msg2</td></tr>";
		}
	echo "</table>";
	// Upload Files
	echo "&nbsp;<br><div align=\"left\"><li><b>$uploadsectionTitle</b>";
	if($allowChangeDir)	{
	echo  $directorywarningMsg;
	}
	echo "</div>";
	echo "<div align=\"center\"><table width=100% border=\"0\" class=bodytable>";
	if($showAllowedFiles == "yes")	{
		echo "<tr><th colspan=2><div align=\"center\">$allowedfiletypesText : ";
        	for($i=0;$i<count($allowedFiles);$i++)	{
				if (($i<>count($allowedFiles)-1))$commas=", "; else $commas="";
				list($key,$value)=each($allowedFiles);
				echo $value.$commas;
				}
	}
	echo "</div></td></tr>";
	echo "<tr><td width=50%><table width=100% border=0>";
	echo "<form enctype=\"multipart/form-data\" action=\"$PHP_SELF\" method=\"post\">";
	echo "<input type=\"hidden\" name=\"wkgdir\" value=\"$wkgdir\">";
		$num = 0;
		while($num < $numUploads) {
		$num++;
		echo "<tr><th style=\"width: 20%;\">$lineText $num:</td><td><input name=\"dofile$num\" type=\"file\" style=\"width: 50%;\"></td></tr> ";
		}
	echo "<tr><td style=\"width: 20%;\">&nbsp;</td><td><input name=\"doupload\" type=\"submit\" value=\"$uploadButtonText\" class=button style=\"width: 100%;\"></td></tr>";
	echo "</form>";
	echo "</table></td>";
	echo "<td width=50%><div align=\"center\"><table width=95% border=0 class=msg_table>";
		if($msg_upload)	{
			echo "<tr><th colspan=3><div align=\"center\">$statusMsg ";
			if($showstatusDir == "yes")	{
			echo $wkgdir;
			}
			echo "</div></td></tr>";
			echo $msg_upload;
			}
	echo "</table></div></td></tr></table></div>";
}

// File size calculations
function display_size($file){
$file_size = filesize($file);
if($file_size >= 1073741824) 	{
        $file_size = round($file_size / 1073741824 * 100) / 100 . "g";
	}
elseif($file_size >= 1048576)	{
        $file_size = round($file_size / 1048576 * 100) / 100 . "m";
	}
elseif($file_size >= 1024)	{
        $file_size = round($file_size / 1024 * 100) / 100 . "k";
	}
else{
        $file_size = $file_size . "b";
	}
return $file_size;
}
// List the files function
function list_files()	{
	include("config_mfuploaderII.php");
	global $userprofile,$allowFileDelete,$allowViewGraphic;
	global $allowedFiles,$basePATH,$wkgdir,$key;

// Load directory into array
	$handle=opendir(".");
	while ($file = readdir($handle))		{
		if(is_file($file)) $filelist[] = $file;
		}
	closedir($handle);
// List files
	if($filelist)		{
		asort($filelist);
		while (list ($key, $file) = each ($filelist))			{
			$ext = substr(strrchr( $file , "." ), 1);
			$ext = str_replace("jpeg", "jpg", $ext);
			// Image
			if(in_array($ext,$allowedFiles))				{
				$icon = "<img src=\"$imageicon\" alt=\"Image\" border=\"0\" width=\"16\" height=\"16\">";
				}
			// Not an image
			else				{ 
				$icon = "<img src=\"$othericon\" alt=\"Not An Image\" border=\"0\" width=\"15\" height=\"15\">";
				}
				
			$filename=$basePATH.$wkgdir.$file;
			$fileurl=rawurlencode($wkgdir.$file);
			$lastchanged = filectime($filename);
			$changeddate = date("d-m-Y H:i:s", $lastchanged);
// List the file(s)
			echo "<tr><td align=\"center\">$icon</td><td>".htmlspecialchars($file)."</td><td align=\"right\">".display_size($filename)."</td><td align=\"right\">".$changeddate."</td><td>";
			if($allowViewGraphic && in_array($ext,$allowedFiles))	{
			echo "<a href=$baseURL$wkgdir$file target=_new>$viewText</a>";
			}	else	{	echo "&nbsp;";	}
			echo "</td><td>";
			if($allowFileDelete)	{
				echo "<a href=\"$PHP_SELF?action=del&wkgdir=$wkgdir&file=$file\">$deletelinkText</a>";
				}	else	{	echo "&nbsp;";	}
				echo "</td></tr>";
			}
		}
	}
// List the directories
function displaydir()	{
	include("config_mfuploaderII.php");
	global $userprofile,$allowDirDelete,$allowChangeDir;
	global $username,$file,$basePATH,$wkgdir;

// logout link	
if (session_is_registered("mfupload")) {
	echo "<div align=\"right\">$loggedonText - $username&nbsp;&nbsp;$linkSpacer<a href=$PHP_SELF?action=logout>$logoutText</a>$linkSpacer</div>";
}

if($allowChangeDir)	{
// Draw the main table for directories and files
echo "&nbsp;<br><div align=\"left\"><li><b>$directorysectionTitle $wkgdir</b></div>";
echo "<div align=\"center\"><table border=\"0\" cellspacing=\"1\" cellpadding=\"1\" width=\"100%\" class=bodytable>";	
echo "<tr><th>$typeText</th><th style=\"width: 40%;\">$nameText</th><th style=\"width: 10%;\">$sizeText</th><th>$modifiedText</th><th>&nbsp;</th><th>&nbsp;</th></tr>";
// Load directory into array
		chdir($basePATH . $wkgdir);
		$handle=opendir(".");
		while (false !== ($file = readdir($handle)))		{
			if(is_dir($file)) $dirlist[] = $file;
			}
		closedir($handle);
// List directories first		
		if($dirlist)			{
			asort($dirlist);
			while (list ($key, $file) = each ($dirlist))				{
				if($file != "." && $file != "..")	{
				
					$fileurl=rawurlencode($wkgdir.$file);
				
			echo "<tr><td align=\"center\"><img src=\"$foldericon\" border=\"0\" width=\"15\" height=\"13\"></td><td><A HREF=\"$PHP_SELF?action=chdr&file=$fileurl\">".htmlspecialchars($file)."</a></td><td align=\"right\"></td><td align=\"right\">&nbsp;</td><td>&nbsp;</td><td>";
				if($allowDirDelete)	{
					echo "<A HREF=\"$PHP_SELF?action=del&wkgdir=$wkgdir&file=$file\">$deletelinkText</A></td></tr>";
							}
					}
				}
		list_files();
		echo "</table></div>";
		}
	}
	}
// User has entered .. as directory. Potential security breach. Deny access.
$regexp="\\.\\.";
if (ereg( $regexp, $file, $regs )| ereg( $regexp, $wkgdir,$regs ))
{
    $msg2 = "ERROR: Directories may not contain the character \"..\"";
	echo $pageTop;
    page_detail();
	killit();
	echo $copyright;
    echo $pageBottom;
    exit;
}

if($doupload) {
global $allowedFiles;
$num = 0;
while($num < $numUploads) {
	$num++;

	$upFile = "dofile$num"."_name";
	$upFile1 = $$upFile;
	$upFile2 = "dofile$num";
	$upFile3 = $$upFile2;

	$ext = substr(strrchr( $upFile1 , "." ), 1);
	$ext = str_replace("jpeg", "jpg", $ext);
	
	$size = filesize($upFile3)/1024;
	$size = round($size,1);
	
	// error messages
	if($upFile3 == "") {
		$msg_upload .= "<tr><td>$lineText $num :</td><td colspan=2>$nofileMsg</td></tr>";
		}
	elseif($limitFiles == "yes" && !in_array($ext,$allowedFiles))	{
		$msg_upload .= "<tr><td>$lineText $num :</td><td><b>$upFile1</b></td><td>$notallowedMsg</td></tr>";
		}
	elseif(file_exists("$basePATH.$wkgdir$upFile1")) {
		$msg_upload .="<tr><td>$lineText $num :</td><td><b>$upFile1</b></td><td>$existsMsg</td></tr>";
		} 
	else {
	// everything OK
		move_uploaded_file ($upFile3, "$basePATH.$wkgdir$upFile1");
		$msg_upload .="<tr><td>$lineText $num :</td><td><b>$upFile1</b> ($size)</td><td>$successMsg</td></tr>";
		}
	}
	echo $pageTop;
	displaydir();
	page_detail();
	echo $copyright;
	echo $pageBottom;
	exit;
} 


// Begin actions code
switch ($action){
// No $action variable? Display initial page
	case "":
		echo $pageTop;
		displaydir();
		page_detail();
		echo $copyright;
		echo $pageBottom;
		break;
// Change to root dir
	case "root":
   		$wkgdir="/";
		echo $pageTop;
		displaydir();
		page_detail();
		echo $copyright;
		echo $pageBottom;
		break;
		
// Change directory
	case "chdr":
		$wkgdir=$file."/";
		$msg2 = "$changeddirMsg $wkgdir";
		echo $pageTop;
		displaydir();
		page_detail();
		echo $copyright;
		echo $pageBottom;
		break;
// Delete file or directory
	case "del":
		if ($confirm=="yes")			{
            if(is_dir($basePATH.$file)) {
                $result = @rmdir($basePATH.$file);
                if($result == 0) {
                    $msg2 = "$cannotdeleteMsg_1 '$file' $cannotdeleteMsg_2";
                }
            } 
            else { 
                unlink($basePATH.$wkgdir.$file);
				$msg2 = "$diddeleteMsg $file";
            } 
		}
		else	{
		$msg2 = "$deleteMsg $wkgdir$file ?  <a href=\"$PHP_SELF?action=del&confirm=yes&wkgdir=$wkgdir&file=$file\">$yesMsg</a>	| <a href=\"$PHP_SELF\">$noMsg</a>";
		}
			echo $pageTop;
			displaydir();
			page_detail();
			echo $copyright;
			echo $pageBottom;
			break;
		
// Create directory
	case "mkdir":
// The directory already exists. 
			if(file_exists($basePATH.$wkgdir.$mkdirfile))				{
				$msg2 = "$existsMsg_1 $wkgdir$mkdirfile $existsMsg_2";
				}
			else				{
				$msg2 = "$createddirMsg $wkgdir$mkdirfile";
				mkdir($basePATH.$wkgdir.$mkdirfile,0750);
				}
				echo $pageTop;
				displaydir();
				page_detail();
				echo $copyright;
				echo $pageBottom;
				break;
}
?>


****************************

[u]style_mfuploaderII.css[/u]

/* author: */
/* Creation date: 4/23/2005 */
body {
	margin-top: 0px;  
	margin-bottom: 0px;
	margin-left: 0px; 
	margin-right: 0px; 
	background: #4e68a2 url(images/bg_top.jpg) top left no-repeat; 
	font-family: Trebuchet MS, Helvetica, sans-serif; 
	font-size: 9pt; 
	font-style: normal;
	text-decoration: none; 
	text-align: justify;
	color: #3E588F;
}
a {color: #505a49; font-size: 7.5pt; font-weight: bold; text-decoration: none; }
a:hover { color: #8090A3; font-size: 7.5pt; font-weight: bold; text-decoration: none; }
.caption {
	background: #ffffff;
       height: 15px;
width: 100%;
	border-bottom: 1px solid #95A5AD;
	margin: 0px;
	color : #3E588F;
	text-align: center;
	padding-top: 2px;
	padding-right: 0px;
	padding-bottom: 2px;
	padding-left: 0px;
	font-family: tahoma, arial, verdana, helvetica, sans-serif;
	font-size: 8pt;
	font-weight: bold;
}
.sitetag	{
	font-size: 19pt;
	font-weight: bold;
	font-family: Trebuchet MS, Helvetica, sans-serif;
	color: #3E588F;
}
table, td{
	font: normal 7.5pt verdana, tahoma, arial, helvetica, sans-serif;
	color:#2F497F;
	padding: 0px, 0px, 0px, 0px;
	text-align:left;
	}
.bodytable {
	background-color: #D1DBEF;
	padding-bottom: 8px;
	padding-left: 8px;
	padding-right: 8px;
	padding-top: 8px;
	font: normal 7.5pt verdana, tahoma, arial, helvetica, sans-serif;
	color: #000000;
	border: 1px solid #2F497F;
}
.msg_table	{
	background: #ffffff;
	font-style: normal; 
	font-variant: normal; 
	font-weight: bold; 
	font-size: 8pt; 
	font-family: sans-serif; 
	color: #2F497F;
	text-indent : 2px; 
	text-align: center;
}
input, text, textarea, select	{
	font: 8.5pt verdana,arial,helvetica,sans-serif;
	color: #2F497F;
	border: 1px solid #4E68A2;
	background-color: #fff;
	text-indent:2px;
}
.button{
	background-color: #fff;
	font: bold 8.5pt Trebuchet MS, verdana,arial,helvetica,sans-serif;
	color: #4E68A2;
	border-left-color: #fff;
	border-bottom-color: #545454;
	border-top-color: #fff;
	border-right-color: #545454;
		}
.copybar {
	white-space: nowrap; 
	font-family: Trebuchet MS, Helvetica, sans-serif; 
	font-size: 6.5pt;
	font-weight: normal;
color: #fff;
}
.copybar a { font-weight: bold;  text-decoration: none;  color: #505a49; font-size: 7.5pt;   }
.copybar a:hover { font-weight: bold;  text-decoration: underline;  color: #ff9900; font-size: 7.5pt;   }
.copybar a:visited { font-weight: bold;  color: #505a49; font-size: 7.5pt;   }
[/b]

Posted: Mon Sep 10, 2007 2:32 pm
by Christopher
That is a lot of code for our members to look through. Can you narrow down the problem to a specific part of the code that is not working?

Posted: Mon Sep 10, 2007 2:32 pm
by Zoxive
Forum Rules wrote:2. Use descriptive subjects when you start a new thread. Vague titles such as "Help!", "Why?" are misleading and keep you from receiving an answer to your question.
Before Post Read: General Posting Guidelines wrote:7: Write a clear subject line, it'll help people deciding whether to look at your post or not - 'help, PHP noob' is probably going to be ignored by some.
8: Don't just post - 'This doesn't work' - tell us exactly what doesn't work and make sure to include any error messages you're getting

Posted: Mon Sep 10, 2007 2:44 pm
by tdp
Sorry about all that.

The issues:

#1. When I log into the uploader page and hit "login", it goes to a blank page instead of forwarding to the upload page. If you hit "refresh" it will go to the correct upload page.

#2. Once you are there, if you select a file to upload and hit the "upload files" button, it does nothing.

#3. If you hit the "logout now" button, it takes you to a blank page. If you hit "refresh" it will take you back to the login page, but if you try to login using a different user name and password, it goes to a blank page and acts like it doesn't really log out.

I have this up on my webpage if someone would like to see it in action. I can set you up with a temporary username and password to try it.

I really appreciate your help on this.

Thanks!

Posted: Mon Sep 10, 2007 3:24 pm
by Zoxive
Well with my quick glance, your not getting redirected to login, because the Redirect is assuming Register_Globals is on. That could be a problem for a lot of it.

Posted: Mon Sep 10, 2007 3:59 pm
by tdp
Is that something I would need to change somewhere or is it something I would even be able to change?

I think it's fixed

Posted: Mon Sep 10, 2007 6:37 pm
by tdp
OK, so I did a little digging and created a php.ini file with "register_globals=on" in it and uploaded that to my script directory. It seems to be working now.

You guys don't know how much I appreciate the help. I would have never figured that one out. Thanks again.

Posted: Tue Sep 11, 2007 2:03 pm
by feyd
Turning register_globals on is not a solution, only a band-aid. Fix the code so it doesn't require them anymore.

Also, please choose a more descriptive subject and update the thread.
[url=http://forums.devnetwork.net/viewtopic.php?t=30037]Forum Rules[/url] Section 1.1 wrote:2. Use descriptive subjects when you start a new thread. Vague titles such as "Help!", "Why?" are misleading and keep you from receiving an answer to your question.

Posted: Wed Sep 12, 2007 9:05 am
by tdp
Any suggestions on what needs to be fixed in the code? I don't have a clue.

Thanks again.

Posted: Wed Sep 12, 2007 3:31 pm
by feyd
Everything that's expected to come from the URL should reference $_GET; everything that's expected to come from a post submission should reference $_POST; there should be no references to PHP_SELF, if you have any. Also, it may be beneficial to get your HTML standards compliant.

Posted: Wed Sep 12, 2007 3:37 pm
by RobertGonzalez
Also make sure to look at anything that has to do with sessions, or cookies, as these get popped into the global scobe when register globals is on as well.

Posted: Wed Sep 12, 2007 3:45 pm
by tdp
Since I am not an PHP expert and really don't know how to change what I am being told to change, is this code old and outdated? Should I just dump it and look for some newer, updated script?

Posted: Wed Sep 12, 2007 5:01 pm
by RobertGonzalez
With a little massagin you should be able to get it to do what you want as it is now.