Ye' old general discussion board. Basically, for everything that isn't covered elsewhere. Come here to shoot the breeze, shoot your mouth off, or whatever suits your fancy. This forum is not for asking programming related questions.
Hey. I'm trying to "clean up" my scripts so that I can turn off "register globals" on my server. Now, do you think this would be an appropriate way of doing it or not? And do you have another way of doing it?
I just think that including $HTTP_POST_VARS... everywhere would contribute to a lot of clutter. I'm not defeating the purpose of turning off the globals (security) by writing my scripts as above am I?
sinistre wrote:I just think that including $HTTP_POST_VARS... everywhere would contribute to a lot of clutter.
You may want to look into using the extract() function.
sinistre wrote:I'm not defeating the purpose of turning off the globals (security) by writing my scripts as above am I?
No, because you are using the arrays properly. Using $HTTP_POST_VARS ensures that the data came from a form using the post method and not from a query string parameter. Just the same as using $HTTP_COOKIE_VARS checks that the value came from a cookie and $HTTP_SESSION_VARS that the value is a session variable. If you had PHP version 4.1 or above and started using $_REQUEST (which is a combination of $_GET, $_POST, $_COOKIE, and $_FILES) then you would be nullifying any security benefit of having reg globals off.