register_global issue

What are Register Global Variables?

It is a frequent necessity to transfer variable values between pages. You may have an HTML form which asks for user input to named fields. These fields (as well as hidden variables) will be transferred to a PHP page for processing. This may be the same page that defines the form, or a different one. A method of either 'post' or 'get' must be given in the form tag.

So, how do these variables and their data get into my PHP code?

Once upon a time, most PHP programmers simply grabbed variables and values by using them in their code. Let's say you had two fields in a form, named "name" and "email". You could simply use $name and $email in your code (the receiving, or target, page), and they would have the values filled in by the user in the form. Life was simple, wasn't it? $name and $email were examples of a special kind of PHP variable, called a register global variable. You simply used it, and it was magically there to pull in data transferred from a form or a link on another page.

eg. Register_global = on

<?php
$conn=mysql_connect('localhost', 'mysqluser', 'mysqlpwd');
if ($save){
$sql='INSERT INTO user VALUES( "'.$name.'" , "'.$email.'" )';
mysql_query($sql,$conn) or die('Insertion stage failed');
}
?>

<>
<>
< method="POST">
< name="name" type="text">
< name="email" type="text">
< name="save" type="submit">
< /form >
< /body>
< /html>

eg. Register_global = off

<?php
$conn=mysql_connect('localhost', 'mysqluser', 'mysqlpwd');
if ($_POST['save']){
$sql='INSERT INTO user VALUES( "'.$_POST['name'].'" , "'.$_POST['email'].'" )';
mysql_query($sql,$conn) or die('Insertion stage failed');
}
?>

<>
<>
< method="POST">
< name="name" type="text">
< name="email" type="text">
< name="save" type="submit">
< /form >
< /body>
< /html>

Using globals in PHP is not recommended for those just starting, like us.

**This feature has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 6.0.0. Relying on this feature is highly discouraged.

Though it is cool and convenient to call variables from anywhere and to any nesting of scripts, it will make your script vulnerable to hacks if you dont take caution.

On the other hand, learning to pass and call variables in a more secret way is more rewarding.You will also be aware to check on every security holes your script will have in the future.

PHP Single quote vs Double quote

Single quotes are faster to execute as compare to double quotes, but the difference is negligible for simple statements.

the double quotes are parsed by php to find where there is any variable that needs to be displayed e.g

$w = "world";
echo " Hello $w"; // taken as Hello World
echo 'Hello $w'; // taken as Hello $w

Sometimes people use double quotes in PHP to avoid having to use the period to separate code. For example, you could write:

$color='blue';
echo "I have a $color shirt on today";

It was faster and easier but is not better.
A better way to write this code would be:

echo 'I have a ' .$color. ' shirt on today';

Although it is produce the same output. But phrasing your code in the second method will result in less chance of error messages, or problems with other programmers deciphering your code.

echo -- PHP

<?php
echo "Welcome to Coding blogspot";
echo "Hello World";
?>

Welcome to Coding blogspot
Hello World

learning PHP

PHP, which stands for "PHP: Hypertext Preprocessor" is a powerful server-side scripting language that is especially suited for Web development and can be embedded into HTML. Its syntax draws upon C, Java, and Perl, and is easy to learn.

The main goal of the language is to allow web developers to write dynamically generated web pages quickly, but you can do much more with PHP.
PHP is often used together with Apache (web server) on various operating systems combine with Mysql (database).

If you are just learning PHP, XAMPP is an easy to install Apache distribution containing MySQL, PHP and Perl. XAMPP is really very easy to install and to use - just download, extract and start.
It is available for linux, windows, Mac OS X and Solaris.

XAMPP is a compilation of free software (comparable to a Linux distribution), it's free of charge and it's free to copy under the terms of the GNU GENERAL PUBLIC LICENSE. But it is only the compilation of XAMPP that is published under GPL. Please check every single license of the contained products to get an overview of what is, and what isn't, allowed.

just keep in mind that these installation packages are for development use, and are not built for a production enviroment, the preformance and security of these tools is not setup for use in a public website.