I am submitting this idea to the experts to find out if it is breaking any security rules.
I am trying to convert many PHP 4 scripts to run in PHP 5
My idea is to place The following temporary code into a running script with the exit at the end to
inhibit the entire script from running.
-------------------------------------------------------------
$getBegin = "$" . "_" . "GET['";
$postBegin = "$" . "_" . "POST['";
echo "here are the gets <br>";
foreach($_GET as $key => $val)
echo '$' . $key . " = " . $getBegin . $key . "'];<br> ";
echo "<br> here are the posts <br>";
foreach($_POST as $key => $val)
echo '$' . $key . " = " . $postBegin . $key . "'];<br> ";
exit;
----------------------------------------------------------------
The results that I received :
here are the gets
$test = $_GET['test'];
here are the posts
$Org_num = $_POST['Org_num'];
$Org_generate = $_POST['Org_generate'];
$Org_name = $_POST['Org_name'];
$Short_name = $_POST['Short_name'];
$Org_url = $_POST['Org_url'];
$Org_link_text = $_POST['Org_link_text'];
$vendor = $_POST['vendor'];
$contact_name = $_POST['contact_name'];
$contact_phone = $_POST['contact_phone'];
$contact_email = $_POST['contact_email'];
$publish_pjsn = $_POST['publish_pjsn'];
$publish_whtw = $_POST['publish_whtw'];
$affil = $_POST['affil'];
$submit = $_POST['submit'];
I then pasted the results into the original script and deleted the temporary portion;
My question is, Does this violate any security concepts?
PHP 4 to PHP 5 $_GET and $_POST
Moderator: General Moderators
Re: PHP 4 to PHP 5 $_GET and $_POST
If you did this on a live page on a live server it was kinda stupid, but I wouldn't say it broke any "security rules". Even if a malicious person saw that, they could have easily guessed that anyways.
Re: PHP 4 to PHP 5 $_GET and $_POST
I did run this on a live server but just once. Then I pasted the generated code into my script so that I would not have to change the rest of the script.
The code that generated the disply was removed.
The code that generated the disply was removed.