| Re: Trouble with sending e-mail from simple php script [message #176562 is a reply to message #176556] |
Mon, 09 January 2012 15:34   |
C
Messages: 24
Registered: January 2012
Karma:
|
Junior Member |
|
|
On Jan 9, 4:50 pm, Tim Streater <timstrea...@greenbee.net> wrote:
> In article
> <36944289-58f2-4cc9-a12f-386aa9ad6...@y7g2000vbe.googlegroups.com>,
> Captain Paralytic <paul_laut...@yahoo.com> wrote:
>
>
>
>
>
>> On Jan 9, 1:40 pm, C <wrong.addres...@gmail.com> wrote:
>>> On Jan 9, 2:36 pm, Captain Paralytic <paul_laut...@yahoo.com> wrote:
>
>>>> On Jan 8, 6:57 pm, C <wrong.addres...@gmail.com> wrote:
>
>>>> > I added four lines for those four variables.
>>>> > What does this really do? I already have those values in the
>>>> > variables. Why do we have to do this?
>
>>>> You only have those values in variables if you are relying on
>>>> register_globals being on. The php manual has this to say on that
>>>> subject:
>
>>>> Warning
>>>> This feature has been DEPRECATED as of PHP 5.3.0. Relying on this
>>>> feature is highly discouraged.
>
>>>> 'nuff said?
>
>>> THIS MIGHT BE IT. I will try at home in the evening.
>
>> There is no "might" about it. Jeff's suggested lines:
>
>> $name = $_POST['name'];
>> $orgn = $_POST['orgn'] etc etc
>
>> are the way it is done nowadays, because register_globals no longer is.
>
> Doing it this way provides some security. It means that the *only* way
> to get that data is via the $_POST array. So that means that your script
> doesn't start off with values in variables, assume they're OK, and use
> them. The old way meant someone could just run your script and preset
> *any* variable, even one you didn't mean to have set by the web page. So
> if you forgot to initialise $delete, but instead relied on it being null
> by default, and your code has this:
>
> if ($delete==1)
> {
> delete_complete_file_system ();
> }
>
> the bad guy could easily do you some damage.
>
> --
> Tim
>
> "That excessive bail ought not to be required, nor excessive fines imposed,
> nor cruel and unusual punishments inflicted" -- Bill of Rights 1689- Hide quoted text -
>
> - Show quoted text -
Makes sense.
Thanks for the explanation.
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]