While, I used something like “$username = $_POST[‘uname’]” in my script, I sawed the php.net said don’t use the “Superglobals”: PHP: Using Register Globals - Manual.
This make me confused, if I cannot use something like ‘$_POST’, what can I use to get the data submitted?:sick:
Thanks.
That page is saying you should use super globals. What it says you shouldn’t use is register_globals, which is a feature that was standard for a while but super unsafe.
Basically what it did was if you submitted a form, with a field ‘uname’ like you have above, you could just use $uname in the script; the consequence was that you could never be certain where a variable came from (did I set it myself, was it posted, was it set as a get parameter, something else?)
Example #9 on the page you linked to is a very good example of how register_globals can be abused.
“Register Globals" is different to "[URL=“http://php.net/manual/en/language.variables.superglobals.php”]Superglobals”, you’re fine to use $_GET, $_POST et al. 
If you read the supporting text on the page you linked to, it should become clearer.
Where does it say “don’t use them”? On the contrary, use of superglobals is suggested.
Thank you! Now, I have what you mean. I mistakenly thought that I cannot use superglobals, because I never used something like ‘$uname’ directly.
Thanks!
*throws up obligatory notice about remembering to sanitize data passed through user-accessable superglobals (GET, POST, REQUEST, and some parts of SERVER)