php5 and php4 coding difference

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
richoes
Forum Newbie
Posts: 5
Joined: Tue Oct 16, 2007 4:04 am

php5 and php4 coding difference

Post by richoes »

Everah | Please use the appropriate bbCode tags when posting code in the forums.

Hey there,

I have a search page on my clients site, which searches through mysql database and sends back info with limit of 10 results function. This function works fine on another server with php4 but when i use it on a server with php5, and you click on the "next 10 results link" it just shoots back the same 10 results as before. i am pretty sure this is a syntax issue regarding the differences between php 4 and 5, (but not sure).

Here is the code for the "next 10" function bit:

Code: Select all

// next we need to do the links to other results
  if ($s>=1) { // bypass PREV link if s is 0
  $prevs=($s-$limit);
  print "&nbsp;<a href=\"$PHP_SELF?s=$prevs&q1=$var1&q2=$var2\" class = \"normlinks\"><< 
  Prev 10</a>&nbsp&nbsp;";
  }

// calculate number of pages needing links
  $pages=intval($numrows/$limit);

// $pages now contains int of pages needed unless there is a remainder from division

  if ($numrows%$limit) {
  // has remainder so add one page
  $pages++;
  }

// check to see if last page
  if (!((($s+$limit)/$limit)==$pages) && $pages!=1) {

  // not last page so give NEXT link
  $news=$s+$limit;

  echo "&nbsp;<a href=\"$PHP_SELF?s=$news&q1=$var1&q2=$var2\" class = \"normlinks\">Next 10 >></a>";
  }

$a = $s + ($limit) ;
  if ($a > $numrows) { $a = $numrows ; }
  $b = $s + 1 ;
  echo "<p>Showing results $b to $a of $numrows</p>";
  echo "<br><a href=\"search.html\" class = \"normlinks\">Back to Search</a>";
  echo "</td></tr></table>";
I am sure the error is this part of the code... any help would be much appreciated thanks you.
richoes
Forum Newbie
Posts: 5
Joined: Tue Oct 16, 2007 4:04 am

working code

Post by richoes »

Here is a link to the working code on php 4 server:

http://www.richarddesign.net/aih/direct ... nsw&q2=all

(q1 and q2 are just search variables passed from form on previous page).
jmut
Forum Regular
Posts: 945
Joined: Tue Jul 05, 2005 3:54 am
Location: Sofia, Bulgaria
Contact:

Post by jmut »

rigister_globals is off on new server..which is good.

run this to see which variable are not defined... like $PHP_SELF for example..should be $_SERVER['PHP_SELF']....although it shouldn't be used anyway.

Code: Select all

error_reporting(E_ALL);
richoes
Forum Newbie
Posts: 5
Joined: Tue Oct 16, 2007 4:04 am

replace $_SERVER['PHP_SELF']

Post by richoes »

Hey mate, thanks yeah you were right. I inserted error reporting and got this:

Notice: Undefined variable: $PHP_SELF in D:\Inetpub\aih\directory\searchscript.php on line 163

Do i replace $PHP_SELF with $_SERVER['PHP_SELF'] can you give me the correct code to replace this line:

echo "&nbsp;<a href=\"$PHP_SELF?s=$news&q1=$var1&q2=$var2\" class = \"normlinks\">Next 10 >></a>";

Because when i do i get a blank page.
(sorry quite new to php).

I have register globals turned off on the new server, although i find that i run into problems when passing variables between flash and php if _globals is off, do you experience this.
jmut
Forum Regular
Posts: 945
Joined: Tue Jul 05, 2005 3:54 am
Location: Sofia, Bulgaria
Contact:

Post by jmut »

well, in order to go easy on this on top of script just do

Code: Select all

$PHP_SELF = $_SERVER['PHP_SELF'];
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

jmut wrote:well, in order to go easy on this on top of script just do

Code: Select all

$PHP_SELF = $_SERVER['PHP_SELF'];

PHP_SELF is susceptible to XSS injection. In your case, you could use

Code: Select all

basename(__FILE__);
instead.
richoes
Forum Newbie
Posts: 5
Joined: Tue Oct 16, 2007 4:04 am

Post by richoes »

Thanks i tried both these suggestions, i get rid of the error message but the script still doesn't bring up the next ten pages, seems to be not passing the s variable and the $prevs variable in the query string, mabye???, or not being able to be read by the page. Should i paste the whole code???

Thanks again.
jmut
Forum Regular
Posts: 945
Joined: Tue Jul 05, 2005 3:54 am
Location: Sofia, Bulgaria
Contact:

Post by jmut »

Jcart wrote:
jmut wrote:well, in order to go easy on this on top of script just do

Code: Select all

$PHP_SELF = $_SERVER['PHP_SELF'];

PHP_SELF is susceptible to XSS injection. In your case, you could use

Code: Select all

basename(__FILE__);
instead.
Thats why I said
...although it shouldn't be used anyway.
richoes:
Register globals affects all variables!. So best you do is modify your code.. .$s = $_GET['s']; etc... with proper validation and all. but error_reporting should have mentioned these variable are undefined.
richoes
Forum Newbie
Posts: 5
Joined: Tue Oct 16, 2007 4:04 am

Post by richoes »

Thanking you heaps guys this worked at top of page...

$s = $_GET['s'];

Guess it was the "s" variable that was undefined.
Post Reply