| Re: Trouble with sending e-mail from simple php script [message #176565 is a reply to message #176563] |
Mon, 09 January 2012 17:00   |
Tim Streater
Messages: 328
Registered: September 2010
Karma:
|
Senior Member |
|
|
In article
<be2f03d3-5286-4919-a07a-0f2e93c73408(at)o14g2000vbo(dot)googlegroups(dot)com>,
Captain Paralytic <paul_lautman(at)yahoo(dot)com> wrote:
> On Jan 9, 2:50 pm, Tim Streater <timstrea...@greenbee.net> wrote:
>> In article
>> <36944289-58f2-4cc9-a12f-386aa9ad6...@y7g2000vbe.googlegroups.com>,
>> Captain Paralytic <paul_laut...@yahoo.com> wrote:
>>> On Jan 9, 1:40 pm, C <wrong.addres...@gmail.com> wrote:
>>>> On Jan 9, 2:36 pm, Captain Paralytic <paul_laut...@yahoo.com> wrote:
>>
>>>> > On Jan 8, 6:57 pm, C <wrong.addres...@gmail.com> wrote:
>>
>>>> > > I added four lines for those four variables.
>>>> > > What does this really do? I already have those values in the
>>>> > > variables. Why do we have to do this?
>>
>>>> > You only have those values in variables if you are relying on
>>>> > register_globals being on. The php manual has this to say on that
>>>> > subject:
>>
>>>> > Warning
>>>> > This feature has been DEPRECATED as of PHP 5.3.0. Relying on this
>>>> > feature is highly discouraged.
>>
>>>> > 'nuff said?
>>
>>>> THIS MIGHT BE IT. I will try at home in the evening.
>>
>>> There is no "might" about it. Jeff's suggested lines:
>>
>>> $name = $_POST['name'];
>>> $orgn = $_POST['orgn'] etc etc
>>
>>> are the way it is done nowadays, because register_globals no longer is.
>>
>> Doing it this way provides some security. It means that the *only* way
>> to get that data is via the $_POST array. So that means that your script
>> doesn't start off with values in variables, assume they're OK, and use
>> them. The old way meant someone could just run your script and preset
>> *any* variable, even one you didn't mean to have set by the web page. So
>> if you forgot to initialise $delete, but instead relied on it being null
>> by default, and your code has this:
>>
>> if ($delete==1)
>> {
>> delete_complete_file_system ();
>> }
>>
>> the bad guy could easily do you some damage.
> I think I already knew that! And sorry but your post will now be
> archived regardless of your setting.
And for reasons best known to yourself, you introduced many blank lines
near the top of your post and failed to snip my .sig.
--
Tim
"That excessive bail ought not to be required, nor excessive fines imposed,
nor cruel and unusual punishments inflicted" -- Bill of Rights 1689
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]