I am forced to use $_POST after updating PHP

  • barry
  • Graduate
  • Graduate
  • User avatar
  • Posts: 115
  • Loc: scotland

Post 3+ Months Ago

Hi all. I have recently upgraded my server and had the new PHP installed and now all my forms need changed! 156 website worth.

The problem is that i am having to now add $_POST to the php so that the variable get a value as where before i just used the name like

$name

now i need to use

$_POST['name']

this is a real problem as i am using the first method in hundreds of websites and have been for many years. Is there a setting in my php.ini file that i can use to make it so i dont have to use $_POST all the time?

any help would be great!
  • ScottG
  • Proficient
  • Proficient
  • ScottG
  • Posts: 477

Post 3+ Months Ago

I'm Not entirely sure what you mean but I've used $_POST, $_GET and $_REQUEST in all my projects.

To bust them out of the post or get you could extract them.

Code: [ Select ]

extract($_POST);
  1. extract($_POST);


This will take $_POST['name'] and make it $name;
  • Bigwebmaster
  • Site Admin
  • Site Admin
  • User avatar
  • Posts: 9092
  • Loc: Seattle, WA & Phoenix, AZ

Post 3+ Months Ago

Hi Barry,

It seems you were using register globals in the past which was deprecated as of PHP 5.3.0, and then completely removed as of PHP 5.4.0. I would advise you to read this page:

http://php.net/manual/en/security.globals.php

Quote:
Perhaps the most controversial change in PHP is when the default value for the PHP directive register_globals went from ON to OFF in PHP ยป 4.2.0. Reliance on this directive was quite common and many people didn't even know it existed and assumed it's just how PHP works. This page will explain how one can write insecure code with this directive but keep in mind that the directive itself isn't insecure but rather it's the misuse of it.


It looks like if you want to continue using the newer version of PHP you will need to go through all of your scripts. If you have hundreds of websites that have numerous PHP pages each, you might want to use a program that does a find and replace all, but that might still be difficult as you might have to figure out what variables were actually dependent on register globals.

I think the easiest solution for you might be to put something like this right above the first use of any variable you need to change:

PHP Code: [ Select ]
$name = $_POST['name'];


At least doing it like that you won't have to change the rest of the $name's on that page since you have now assigned it to load the post variable.

It will still probably be quite a bit of work, but one of your only choices if you want to use PHP equal or greater to PHP 5.4.0.
  • joebert
  • Fart Bubbles
  • Genius
  • User avatar
  • Posts: 13504
  • Loc: Florida

Post 3+ Months Ago

This sounds like a nightmare.

I think I would leave these websites running PHP < 5.4.0 and move on with any new websites. Maybe pick the websites profitable enough to warrant a re-write and move them over as time permits.

It's been awhile since I've worked with servers, but remember GET variables can be extracted from request logs which would make dermining what needed to be found and replaced easier. I don't member if there's a way to track POST variables to do the same.

Post Information

  • Total Posts in this topic: 4 posts
  • Users browsing this forum: No registered users and 85 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.