Can anyone help me please. I have spent close on a day trying to work it out, but without success.

The code below worked fine on my 4.0.6 set up, now Iíve upgraded to 4.1.0 (new install) with ISAPI XP IIS5 and intend using the new PhP superglobals.

With registered_globals turned off it would appear that $PHP_SELF is not longer valid. How can I access the user input?

Most forums/advice/tutorials do not say very much about changing existing code to improve security with the new superglobals.


<?php
//cv_newsletter.php
include "./cv_common.inc";


function check_status_form() {
global $PHP_SELF;

?>
<BODY MARGINHEIGHT="0" MARGINWIDTH="0" TOPMARGIN="3" LEFTMARGIN="2">
<BODY bgcolor="000000">
<DIV align="left">
<FONT face="Arial" size="2" color="#FFFFFF">

<FORM METHOD="POST" ACTION="<?php echo $PHP_SELF ?>">
<INPUT TYPE="HIDDEN" NAME="action" VALUE="check status">
<P> Enter your email address and PRESS [return] to join/leave the mailing list
<INPUT TYPE="TEXT" NAME="user_email" SIZE="20">

</FORM>
</FONT>
</DIV>
</BODY>
<?php

}

if(empty($action)) $action="xx";

switch ($action)
{
case "check_status":
mailer_header();
user_message("Inside check_status_form = $action"); //my test
check_status();
mailer_footer();
break;
default:
mailer_header();
check_status_form();
mailer_footer();
break;
}
?>


Any pointers towards rewriting the above in a better format would also be very welcome.

Thanks.