PHP Assistance needed

Posted: Sun Feb 04, 2007 10:20 am Post subject: PHP Assistance needed

Hi guys, long time no post. well, now I've moved house I'm back and posting, cos ive got a few sites going on...

and the first one has landed me a right problem...

the site is to advertise villas in cyprus for a mate. its cheap as chips and rough and ready, its not gonna win any design awards.

http://www.cyprusvillas-protaras.com

I've written a very basic contact form,
http://www.cyprusvillas-protaras.com/contact.php

it works on my host but not on the host the guy has already paid to host this site. the hosting company say its because as of php 4.3 register_globals is turned off. but the script works on my site and my host is setup for php 4.4.4.

when you hit submit, it registers the input as variables and reloads the page. if it finds variables it creates and email and sends it. on my host this works. on the clients host it just reloads the page without sending an email.

i'm not sure if it is what the hosting company say cos nethosted are on 4.4.4 and its working.

anyone got any ideas as to what to do here? personally i'd like to host the site on nh but the client doesn't want to. he wants to keep it with switch media. any links to documents explaining this simply would be appreciated.

Matt

NetHosted Staff Joined: 22 Mar 2004 Posts: 5625

Matt,

We also now disable regsiter_globals on new servers and it's likely we will be switching it off on existing servers shortly (we will warn people in good time).

The simple fix is to place this in a .htaccess file inside the directory where the contact script is located:

php_flag register_globals off

If you get a 500 error when you try that delete the .htaccess file and create a php.ini file with:

register_globals = Off

in it instead. If this doesn't work it implies your host has disallowed such PHP manipulation and your script will need to be recoded to not use globally registered variables.

Andrew

Posted: Mon Feb 05, 2007 2:10 pm Post subject:

andrew,

thanks for the swift response.

how does telling the server that register globals is off on a directory basis fix the problem?

as i understand it the php installation is told that its off by the php config, so what is forcing the script to work in your example?

Matt

NetHosted Staff Joined: 22 Mar 2004 Posts: 5625

Matt,

My mistake, you should change where I've put off in my two examples to on

Andrew

Posted: Thu Feb 08, 2007 1:49 pm Post subject:

I recommend in the future you always use the $_POST["variablename"], $_GET["variablename"] and the $_COOKIE["variablename"] superglobals. They are more secure and you won't run into the problem.

Example: