Hello, first off I love this site there is so much knowledge here it's crazy. When I am more skilled at PHP I would love to give back.
On to my topic. I have a site I inherited management for. It is built in PHP and uses an older version PHP 3.xxx. When they built this site they used REGISTER GLOBAL and now my host (!@hoo.com) has stopped supporting that. Which is a problem for my client. I have been tasked with fixing this and frankly it is only one directory affected by this and I simply do not have a clue where to start.
The site seems to work fine accept for this one item. The original builder used a database (mySQL) driven login system for users but for the ADMIN portion of the site he seems to have used .htdoc/.htpsswd/ something because the login prompt I get when I access this particular section of the site is in a popup box and I can't seem to locate where the login and passwords are being stored. So since they do not exist in the database then I am assuming they are scripted in an .htpsswd file somewhere.
Overall I need help in changing the ADMIN sections reliability on REGISTER GLOBAL and fix the site.
***Note *** The problems started happening the day Yahoo turned off register globals. Also i can log into the ADMIN section but when I click update on anything it will not commit the changes to the data.
Please help!!
Converting a site utilizing REGISTER GLOBALS need help
Moderator: General Moderators
- AbraCadaver
- DevNet Master
- Posts: 2572
- Joined: Mon Feb 24, 2003 10:12 am
- Location: The Republic of Texas
- Contact:
Re: Converting a site utilizing REGISTER GLOBALS need help
We'll need more information in order to quote you a price.
mysql_function(): WARNING: This extension is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQLextension should be used. See also MySQL: choosing an API guide and related FAQ for more information.
Re: Converting a site utilizing REGISTER GLOBALS need help
I know I am asking a lot but may be just a pointer in the right direction. Or you are serious about that quote let's talk. I am too tied up to do this on my own right now, especially under this time crunch.
Thanks
Thanks
- AbraCadaver
- DevNet Master
- Posts: 2572
- Joined: Mon Feb 24, 2003 10:12 am
- Location: The Republic of Texas
- Contact:
Re: Converting a site utilizing REGISTER GLOBALS need help
The easy fix would be to add this to the top of each page or a common page that is included in the other pages. This has security implications the same as with register_globals enabled:jo1234la wrote:I know I am asking a lot but may be just a pointer in the right direction. Or you are serious about that quote let's talk. I am too tied up to do this on my own right now, especially under this time crunch.
Thanks
Code: Select all
@import_request_variables('GPC');mysql_function(): WARNING: This extension is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQLextension should be used. See also MySQL: choosing an API guide and related FAQ for more information.
Re: Converting a site utilizing REGISTER GLOBALS need help
DUDE !!! As always ..... You so rock!!! Thanks again man......
-
thirdshiftguy
- Forum Newbie
- Posts: 1
- Joined: Fri Aug 06, 2010 9:36 am
Re: Converting a site utilizing REGISTER GLOBALS need help
I am fuzzy on this subject. If use of register_globals is not advised and now deprecated, how do I acquire the information it provides? Such as http_referrer and remote_addr. And what is the REAL risk of using it? I am one of those paranoid programmers, so I like monitoring what happens and who is doing it. I have done simple PHP scripting prior to now, but I am now working with a database. I would like to be as secure as possible without restricting myself. Any thoughts?
Thank you.
Thank you.