FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


config php help





spring567
abc.php?id=123
we can get id as
<?
$id=_GET["id"];
echo($id);
?>
it prints "123"

I want to pint "123" by the fllowing,how can I setting?

<?
echo($id);
?>
Peterssidan
You want to turn on register_globals? It is not recommend to do that. It is deprecated and insecure. It's not that hard to write _GET["id"] instead of $id, and it's much safer.
sonam
You can use session instead of register globals. The session is nice solution if you want to sent some information all around your site. But it is not recommended for confidential data (passwords, etc.).

You must start session on every page, and then on first register some session. For example:
PAGE A:
Code:
<?php
session_start();
$_SESSION['num'] = '123';
?>


PAGE B:
Code:
<?php
session_start();
echo $_SESSION['num']; // result is 123
?>


Of course, here is lot of other possibilities with session but this is one simple example.

Sonam
Peterssidan
sonam wrote:
You can use session instead of register globals. The session is nice solution if you want to sent some information all around your site. But it is not recommended for confidential data (passwords, etc.).

I think sessions are used for other things. Often you want to have different URL for different pages and then $_GET is a good idea. $_SESSION is more suited for login kind of stuff.

About not using $_SESSION for confidential data. I have never thought about it. The session data is kept on the server so I see no problem. I see no reason to store passwords in $_SESSION but I see no real danger in doing so. Is it if some bad person have access to the server or if an hacker get into the server or something? Just curious.
sonam
Peterssidan wrote:
sonam wrote:
You can use session instead of register globals. The session is nice solution if you want to sent some information all around your site. But it is not recommended for confidential data (passwords, etc.).

I think sessions are used for other things. Often you want to have different URL for different pages and then $_GET is a good idea. $_SESSION is more suited for login kind of stuff.

About not using $_SESSION for confidential data. I have never thought about it. The session data is kept on the server so I see no problem. I see no reason to store passwords in $_SESSION but I see no real danger in doing so. Is it if some bad person have access to the server or if an hacker get into the server or something? Just curious.


I am read, somewhere, sessions are stored in TMP folder on server. On shared hosting this folder is same for all users. If some hacker get access on this folder he can find your password and other confidential data.

Sonam
jmraker
You can avoid turning on register_globals if you use
import_request_variables("gP", "form_");
Then the $_GET['id'] in "abc.php?id=123" becomes $form_id
http://us.php.net/manual/en/function.import-request-variables.php

To avoid having your session mixed in with other site sessions you can tell php to store the session files in another writable directory by calling session_save_path($dir)
http://www.php.net/manual/en/function.session-save-path.php

or save it to the database with session_set_save_handler(...)
http://www.php.net/manual/en/function.session-set-save-handler.php
Related topics
can you help me?
problem with a php randomizer script
[PhP] News Posting Tutorial (code, actually ^^')
my config.php............
mysql/php help please
CHMOD?! Help!
Need some php help.
PHP Nuke help
How to start using PHP? Help!
Php parsing error! Need help
phpBB - Installation Tutorial
vBulletin Config.php script
All Joomla Related Topics
HTML/PHP Help (Contact Box)
Reply to topic    Frihost Forum Index -> Scripting -> Php and MySQL

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.