PHP 4 to PHP 5 $_GET and $_POST

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
cauleyfj
Forum Newbie
Posts: 2
Joined: Fri Dec 05, 2008 2:12 pm

PHP 4 to PHP 5 $_GET and $_POST

Post by cauleyfj »

I am submitting this idea to the experts to find out if it is breaking any security rules.

I am trying to convert many PHP 4 scripts to run in PHP 5

My idea is to place The following temporary code into a running script with the exit at the end to
inhibit the entire script from running.
-------------------------------------------------------------
$getBegin = "$" . "_" . "GET['";
$postBegin = "$" . "_" . "POST['";

echo "here are the gets <br>";
foreach($_GET as $key => $val)
echo '$' . $key . " = " . $getBegin . $key . "'];<br> ";
echo "<br> here are the posts <br>";
foreach($_POST as $key => $val)
echo '$' . $key . " = " . $postBegin . $key . "'];<br> ";


exit;
----------------------------------------------------------------

The results that I received :


here are the gets
$test = $_GET['test'];

here are the posts
$Org_num = $_POST['Org_num'];
$Org_generate = $_POST['Org_generate'];
$Org_name = $_POST['Org_name'];
$Short_name = $_POST['Short_name'];
$Org_url = $_POST['Org_url'];
$Org_link_text = $_POST['Org_link_text'];
$vendor = $_POST['vendor'];
$contact_name = $_POST['contact_name'];
$contact_phone = $_POST['contact_phone'];
$contact_email = $_POST['contact_email'];
$publish_pjsn = $_POST['publish_pjsn'];
$publish_whtw = $_POST['publish_whtw'];
$affil = $_POST['affil'];
$submit = $_POST['submit'];


I then pasted the results into the original script and deleted the temporary portion;

My question is, Does this violate any security concepts?
User avatar
requinix
Spammer :|
Posts: 6617
Joined: Wed Oct 15, 2008 2:35 am
Location: WA, USA

Re: PHP 4 to PHP 5 $_GET and $_POST

Post by requinix »

If you did this on a live page on a live server it was kinda stupid, but I wouldn't say it broke any "security rules". Even if a malicious person saw that, they could have easily guessed that anyways.
cauleyfj
Forum Newbie
Posts: 2
Joined: Fri Dec 05, 2008 2:12 pm

Re: PHP 4 to PHP 5 $_GET and $_POST

Post by cauleyfj »

I did run this on a live server but just once. Then I pasted the generated code into my script so that I would not have to change the rest of the script.

The code that generated the disply was removed.
Post Reply