Quick PHP question...

Moderator
Posts: 698
Joined: 2002.04
Post: #1
Greetings Smile Ages ago I threw together a few PHP scripts for the web-page of a member of my family; the scripts retrieve data from a MySQL database, the data retrieved determined by the content of a parameter passed to the scripts in the URL (no, the content of the parameter is not a SQL command Rasp)

A few weeks ago the scripts broke; data is still being retrieved from the database by the scripts, but it is the data retrieved by default when no parameter has been passed to the scripts - except a parameter is being passed to the scripts.

Eg. I threw together the following test; given the code:

Code:
<?php

echo( $p );

print( $p );

printf( "%d", $p );

if( $p == 7 ) echo( "seven" ); else echo( "not seven" );

$p = 21;

echo( $p );

?>

And given the URL test.php?p=7, I would expect the output to be:

Quote:777seven21

Instead, the output is:

Quote:0not seven21

Is my understanding of the functionality of parameters in PHP incorrect - and if my understanding is incorrect, how did the scripts function correctly for years? Blink

Or have changes to PHP changed the functionality of parameters? Mad (The version of PHP installed is 5.2.17; I'm afraid I don't know if this has changed recently...)

Or is there some other explanation...?

(Annoyingly, an install of WordPress on the same server seems to function correctly...)

Mark Bishop
--
Student and freelance OS X & iOS developer
Quote this message in a reply
Moderator
Posts: 916
Joined: 2002.10
Post: #2
$p = $_GET['p'];


(as far as I am aware, your previous code should have never worked in a million years)
Quote this message in a reply
Moderator
Posts: 771
Joined: 2003.04
Post: #3
(Mar 21, 2012 08:26 PM)skyhawk Wrote:  (as far as I am aware, your previous code should have never worked in a million years)

A ridiculously dangerous (now deprecated) "feature" from php was that it actually did work just like that.

http://www.php.net/manual/en/ini.core.ph...er-globals

http://www.php.net/manual/en/security.globals.php
Quote this message in a reply
Moderator
Posts: 698
Joined: 2002.04
Post: #4
(Mar 21, 2012 08:26 PM)skyhawk Wrote:  $p = $_GET['p'];

Thanks skyhawk Grin I hadn't touched PHP in at least two years (and obviously I wasn't fluent in it to begin with Wink) so I had no idea where to begin looking for a solution...

(Mar 21, 2012 08:26 PM)skyhawk Wrote:  (as far as I am aware, your previous code should have never worked in a million years)

As PowerMacX wrote, the code functioned (and for at least six years); and whilst PowerMacX wrote that the feature of PHP I was using was "ridiculously dangerous", I wasn't concerned with security when I threw together the code as no user has permission to write to the database.

Mark Bishop
--
Student and freelance OS X & iOS developer
Quote this message in a reply
Moderator
Posts: 373
Joined: 2006.08
Post: #5
I miss register_globals. It was only a security hazard if you used it incorrectly Annoyed

Worlds at War (Current Project) - http://www.awkward-games.com/forum/
Quote this message in a reply
Moderator
Posts: 916
Joined: 2002.10
Post: #6
(Mar 22, 2012 04:29 PM)wyrmmage Wrote:  I miss register_globals. It was only a security hazard if you used it incorrectly Annoyed

you mean by having people define variables in your code that you had no control over?
Quote this message in a reply
Post Reply 

Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  Quick C/C++ macro question sealfin 4 2,420 May 27, 2013 03:28 PM
Last Post: sealfin