SitePoint Sponsor

User Tag List

Results 1 to 6 of 6
  1. #1
    SitePoint Member
    Join Date
    Jul 2004
    Location
    USA
    Posts
    4
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Register Globals Off Form Problem

    Hi

    I have created a script that usually works, but on this one site that is using it, it doen't function. The host said that they have the register_globals turned off.

    Can someone show me what the correct code should be


    <?
    $adminaddress = "info@";
    $siteaddress ="http://www.";
    $subject = "Feedback";
    $sitename = "SITE";
    $redirectURL = "thank_you.php";
    $date = date("m/d/Y H:i:s");
    if ($REMOTE_ADDR == "") $ip = "no ip";
    else $ip = getHostByAddr($REMOTE_ADDR);
    if ($action != "POST"):
    mail("$adminaddress","$subject",
    "Name: $Name
    Company: $Company
    Position: $Position
    Address: $Address
    City: $City
    State: $State
    Zip: $Zip
    Phone: $Phone
    Email: $Email
    The visitor commented:
    ------------------------------
    $Comments
    ------------------------------

    Logged Info :
    ------------------------------
    Using: $HTTP_USER_AGENT
    Hostname: $ip
    IP address: $REMOTE_ADDR
    Date/Time: $date","FROM:$Email");

    mail("$Email","Thank You for visiting $sitename", "Hi $Name,\n
    Thank you for your interest in $sitename!\n
    Sincerely,

    $sitename
    $siteaddress","FROM:$adminaddress");
    endif;
    header("Location: ".$redirectURL);
    ?>

  2. #2
    SitePoint Zealot cyanide1's Avatar
    Join Date
    May 2004
    Location
    Toronto, Canada
    Posts
    97
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    you can turn it on by putting
    Code:
    php_flag register_globals on
    in .htaccess
    --> Food and Hospitality Directory
    --> Article Directory
    ------------------------

  3. #3
    $this->toCD-R(LP); vinyl-junkie's Avatar
    Join Date
    Dec 2003
    Location
    Federal Way, Washington (USA)
    Posts
    1,524
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You're really better off from a security standpoint leaving register globals off.

    Just use the $_GET function to pull your form variables into your script. For example:
    Code:
    $adminaddress = $_GET['adminaddress'];
    Modify your script like that, and you shouldn't have any problems with it anywhere it runs in terms of register globals.

    Hope this helps.
    Music Around The World - Collecting tips, trade
    and want lists, album reviews, & more
    Showcase your music collection on the Web

  4. #4
    SitePoint Member jjdoblados's Avatar
    Join Date
    Nov 2004
    Location
    PH
    Posts
    7
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Unless you have su privileges on the server where your site is hosted, you can't really turn on privileges, even by way of .htaccess.

    Your best option is to recode as vinyl_junkie suggests and make appropriate changes in your coding. This will greatly help you: http://ph.php.net/en/language.variables.predefined

    Good luck!

  5. #5
    $this->toCD-R(LP); vinyl-junkie's Avatar
    Join Date
    Dec 2003
    Location
    Federal Way, Washington (USA)
    Posts
    1,524
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by jjdoblados
    Unless you have su privileges on the server where your site is hosted, you can't really turn on privileges, even by way of .htaccess.
    Yes, you can! I'll grant you, there are some settings that can't be modified that way, but register globals isn't one of them.

    You and I are still in agreement though about 1219 modifying that code.

    As an aside, since I've turned register globals off myself, I have seen a lot of attempts on my server at cross-site scripting. They're not gonna get anywhere with it either.

    <edit>Got the nickname of the original poster wrong. Corrected it.</edit>
    Last edited by vinyl-junkie; Nov 11, 2004 at 10:08.
    Music Around The World - Collecting tips, trade
    and want lists, album reviews, & more
    Showcase your music collection on the Web

  6. #6
    SitePoint Enthusiast
    Join Date
    Feb 2003
    Location
    Leuven, Belgium
    Posts
    78
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Vinyl-junkie's advice here is really the most quality solution for your problem. That said, I've just posted some lines of code with some alternatives for this kind of thing, which (albeit less high-quality) can save you time while keeping your variables safe:
    http://www.sitepoint.com/forums/show...46#post1498459


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •