httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tim Burden" <...@burden.ca>
Subject Re: [users@httpd] Stupid Apache PHP / URL variable question
Date Tue, 21 Dec 2004 20:49:05 GMT
Check whether register_globals is on or off. If off, that's the best way to
have it, try to read $_GET['firmtype'] instead of $firmtype


----- Original Message ----- 
From: "Wagner, Aaron" <aaron.wagner@bankofamerica.com>
To: <users@httpd.apache.org>; <luis.moreira@esinnovation.pt>
Sent: Tuesday, December 21, 2004 11:24 AM
Subject: RE: [users@httpd] Stupid Apache PHP / URL variable question


> I disagree.  If you code is written correctly this should not be a
problem.
> Run a phpinfo and see all the variables already "floating around".
>
> aaron
>
> > -----Original Message-----
> > From: Luis Moreira [mailto:luis.moreira@esinnovation.pt]
> > Sent: December 21, 2004 10:51
> > To: users@httpd.apache.org
> > Subject: Re: [users@httpd] Stupid Apache PHP / URL variable question
> >
> >
> > That is usually not a good practice, in terms of security of the
> > application.
> > It's best to read only what you are supposed to, and not to
> > have things
> > "floating around"
> >
> > Wagner, Aaron wrote:
> >
> > >Set register_globals to 'on' in your php.ini file
> > >
> > >
> > >
> > >>-----Original Message-----
> > >>From: RON FLORY [mailto:ron.flory@adtran.com]
> > >>Sent: December 21, 2004 10:18
> > >>To: users@httpd.apache.org
> > >>Subject: [users@httpd] Stupid Apache PHP / URL variable question
> > >>
> > >>
> > >>hi-
> > >>
> > >>  I'm migrating a users PHP script from old Apache 1.3.22
> > >>to Apache 2.0.52 (x86 Fedora Core 3).  Almost everyting works
> > >>(including mysql access), except for the simplest, dumbest
> > >>thing- I can't seem to pass simple variables via the URL:
> > >>
> > >>  For example:
> > >>
> > >>     http://valen2/~ta4303/index.php?firmtype=1
> > >>
> > >>  sets the variable "firmtype" to 1 on old Apache/PHP, but
> > >>the variable is unset under new Apache/PHP.
> > >>
> > >>  This must be obvious to somebody- any ideas?
> > >>
> > >>ron
> > >>
> > >>------------------------------------------------------------
> > ---------
> > >>The official User-To-User support forum of the Apache HTTP
> > >>Server Project.
> > >>See <URL:http://httpd.apache.org/userslist.html> for more info.
> > >>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > >>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> > >>For additional commands, e-mail: users-help@httpd.apache.org
> > >>
> > >>
> > >>
> > >>
> > >
> > >---------------------------------------------------------------------
> > >The official User-To-User support forum of the Apache HTTP
> > Server Project.
> > >See <URL:http://httpd.apache.org/userslist.html> for more info.
> > >To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > >   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> > >For additional commands, e-mail: users-help@httpd.apache.org
> > >
> > >
> > >
> > >
> >
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message