register_globals issue

What are Register Global Variables?

It is a frequent necessity to transfer variable values between pages. You may have an HTML form which asks for user input to named fields. These fields (as well as hidden variables) will be transferred to a PHP page for processing. This may be the same page that defines the form, or a different one. A method of either 'post' or 'get' must be given in the form tag.

So, how do these variables and their data get into my PHP code?

Once upon a time, most PHP programmers simply grabbed variables and values by using them in their code. Let's say you had two fields in a form, named "name" and "email". You could simply use $name and $email in your code (the receiving, or target, page), and they would have the values filled in by the user in the form. Life was simple, wasn't it? $name and $email were examples of a special kind of PHP variable, called a register global variable. You simply used it, and it was magically there to pull in data transferred from a form or a link on another page.

e.g. register_globals = On

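<?php
// With register_globals = On, the form fields arrive as $save, $name and $email.
// Assumes a database has already been selected on this connection.
$conn = mysql_connect('localhost', 'mysqluser', 'mysqlpwd');
if (!empty($save)) {
    // Escape user input before it goes into the query string.
    $sql = 'INSERT INTO user VALUES( "' . mysql_real_escape_string($name, $conn)
         . '" , "' . mysql_real_escape_string($email, $conn) . '" )';
    mysql_query($sql, $conn) or die('Insertion stage failed');
}
?>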

<html>
<body>
<form method="POST">
<input name="name" type="text">
<input name="email" type="text">
<input name="save" type="submit">
</form>
</body>
</html>

e.g. register_globals = Off

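<?php
// With register_globals = Off, the form fields are read explicitly from $_POST.
// Assumes a database has already been selected on this connection.
$conn = mysql_connect('localhost', 'mysqluser', 'mysqlpwd');
if (isset($_POST['save'], $_POST['name'], $_POST['email'])) {
    // Escape user input before it goes into the query string.
    $sql = 'INSERT INTO user VALUES( "' . mysql_real_escape_string($_POST['name'], $conn)
         . '" , "' . mysql_real_escape_string($_POST['email'], $conn) . '" )';
    mysql_query($sql, $conn) or die('Insertion stage failed');
}
?>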

<html>
<body>
<form method="POST">
<input name="name" type="text">
<input name="email" type="text">
<input name="save" type="submit">
</form>
</body>
</html>



Using register globals in PHP is not recommended for those just starting out, like us.

This feature has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 6.0.0. Relying on this feature is highly discouraged.

Though it is cool and convenient to call variables from anywhere and at any nesting of scripts, it will make your script vulnerable to hacks if you don't take care.

On the other hand, learning to pass and read variables in a more secure way is more rewarding. You will also learn to check for the security holes your script may have in the future.
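Why the register_globals = On style is fragile, shown as an added example that is not from the original post: extract() imitates what the setting did, so the script runs on a current PHP command line. The function names, the is_admin field and the request arrays are constructed for illustration.

```php
<?php
// Added illustration: function names, the field name is_admin and the
// request arrays are constructed; extract() stands in for register_globals.

function handle_with_register_globals(array $get, array $post): string
{
    // With register_globals = On the engine did the equivalent of this
    // before the script ran: every request field became a variable.
    extract($get);
    extract($post);

    // $is_admin is never initialised, so a request field of that name sets it.
    if (isset($password) && $password === 'constructed-secret') {
        $is_admin = true;
    }
    return !empty($is_admin) ? 'admin page' : 'login form';
}

function handle_with_superglobals(array $get, array $post): string
{
    $is_admin = false;                       // initialise before use
    $password = (isset($post['password']) && is_string($post['password']))
        ? $post['password'] : '';            // read only the field we expect
    if (hash_equals('constructed-secret', $password)) {
        $is_admin = true;
    }
    return $is_admin ? 'admin page' : 'login form';
}

// Constructed requests: [label, GET fields, POST fields]
$requests = [
    ['correct password',       [],                  ['password' => 'constructed-secret']],
    ['wrong password',         [],                  ['password' => 'guess']],
    ['unexpected extra field', ['is_admin' => '1'], ['password' => 'guess']],
];

foreach ($requests as [$label, $get, $post]) {
    printf("%-24s register_globals: %-11s superglobals: %s\n",
        $label,
        handle_with_register_globals($get, $post),
        handle_with_superglobals($get, $post));
}
```

The two handlers agree on the first two requests and differ only on the third, where the extra field is ignored by the version that initialises its variables and reads from the request array by name.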
