PHP ini setting?

Hi, I don’t know how to give title for this thread.

If an url is executed http://domain.com/index.php?value=abc

How can I echo “abc” with this code:

<?php echo $value; ?>

I know I can do it with

<?php echo $_GET[“value”]; ?>

But is there a way for the first code? Maybe changing the server setting or php.ini?

http://www.php.net/manual/en/faq.misc.php#faq.misc.registerglobals

What is the purpose in doing that?

Thanks.

You should avoid using register_globals, as its use can lead to security issues. Thus, it has been deprecated for a long time now, and is to be removed in PHP 6.

Better would be:

<?php

if (isset($_GET['value'])) {
	$value = $_GET['value'];
	echo $value;
}

It creates a HUGE security hole in the application so as to allow people to use the code to trash the account - that’s why it was turned off by default in PHP 4.2 and is removed completely in PHP 6.

Only a newbie would consider doing such a stupid thing. Even if their site were fortunate enough to not be shut down for spamming after all the spammers use that code to break in it will still need to be rewritten back to use the $_GET array reference to work with PHP 6. Also a growing number of web hosting providers will no longer allow accounts to open that security hole.