Simple example not working

**mendhak** · Jan 14th, 2003, 03:37 AM

I'm trying out a simple PHP example from this page:

http://hotwired.lycos.com/webmonkey/...tw=programming

Here's index.php:

PHP Code:


<html> 

 <head> 

 <title>My Form</title> 

 </head> 

 <body> 



 <form action="bad.php" method=post> 



 My name is:

 <br> <input type="text" name="YourName"> 



 <p> My favorite dirty word is: 

 <br> <input type="text" name="FavoriteWord"> 

 <p>



 <input type="submit" name="submit" value="Enter My Data!">

 </form>



 </body>

 </html>

And here is bad.php:

PHP Code:


<html>

<head>

<title>Perv!</title>



</head>



<body bgcolor="#FFFFFF" text="#000000">



<p>

Hi <?php print $YourName; ?>



<p>

You like the word <b> <?php print $FavoriteWord; ?> !?! </b>



<p>You oughta be ashamed of yourself!



</body>

</html>

When I run it, I get this error on bad.php:

Notice: Undefined variable: YourName in C:\My Documents\My Webs\php\bad.php on line 10

You like the word
Notice: Undefined variable: FavoriteWord in C:\My Documents\My Webs\php\bad.php on line 13
!?!

What am I doing wrong? In ASP, whenever I submitted a form, I had to request the variables passed. I don't see it so far in PHP.

Any help is good
Thx.

**Rick Bull** · Jan 14th, 2003, 07:12 AM

It's probably because you have register globals off, so you need to either make the vars aviable with:

Code:

global $YourName;

or the better way:

Code:

$_REQUEST['YourName']; //POST or GET
$_POST['YourName']; //POST only
$_GET['YourName']; //GET only

It's more secure if you use $_POST because then the user can just append a variable to the query string to "hack" your code

**mendhak** · Jan 14th, 2003, 08:16 AM

Thanks Rick. I used this:

PHP Code:


<?php







global $YourName;

global $FavoriteWord;



$YourName = $_REQUEST['YourName'];

$FavoriteWord = $_REQUEST['FavoriteWord'];

?>

But instead of this, how can I make life easier... how can I register globals "on" ?

**mendhak** · Jan 14th, 2003, 08:19 AM

NM... I checked out php.ini and found it.

I'm learning something about php: Just about EVERYTHING is in that php.ini file. Bugger eh?

**phpman** · Jan 14th, 2003, 06:16 PM

it had nothing to do with globals.

you need to find this line and uncomment it in the ini file. it is not bad but just a warning.

error_reporting = E_ALL & ~E_NOTICE

**phpman** · Jan 14th, 2003, 06:21 PM

Originally posted by Rick Bull

or the better way:

Code:

$_REQUEST['YourName']; //POST or GET $_POST['YourName']; //POST only $_GET['YourName']; //GET only

It's more secure if you use $_POST because then the user can just append a variable to the query string to "hack" your code

no, REQUEST is not safe. it also controls _FILES[]

use GET or POST whenever you can

**Rick Bull** · Jan 15th, 2003, 06:13 AM

That's what I meant.

**mendhak** · Jan 15th, 2003, 07:29 AM

What is _FILES[]; ?

**ricmitch** · Jan 15th, 2003, 07:35 AM

I just put

PHP Code:


error_reporting(65);

in a common file. Only reports the really nasty errors that way. doesn't bother with Notices, or Warnings.

**phpman** · Jan 15th, 2003, 10:03 AM

Originally posted by mendhak
What is _FILES[]; ?

$_FILES[] is the superGlobal for uploading files to the server. REQUEST also controls this.

ric, that is the same and probably an easier way to do it if you didn't have access to the ini file.

**Gimlin** · Jan 15th, 2003, 01:05 PM

you can also REQUEST cookies.

**phpman** · Jan 15th, 2003, 02:29 PM

oh yeah :P

**ricmitch** · Jan 15th, 2003, 02:33 PM

Originally posted by Gimlin
you can also REQUEST cookies.

I WANT COOKIES NOOOOOOW MOM!!

**The Hobo** · Jan 15th, 2003, 04:18 PM

Originally posted by ricmitch
I WANT COOKIES NOOOOOOW MOM!!

Thread: Simple example not working

Thread Tools

Display

Simple example not working

Posting Permissions