Register Globals

[nigelwong]

Hi,

I have register globals turned on, but i have a script that when a form is posted, the variables are not passed on.

In the script at the top if i just go echo $dbhost; it works.

However, if i have something like

if (!isset($var1))
{
$dblink=@mysql_connect($dbhost, $dbuser, $dbpass);
}

The variables are not passed on. Any ideas?

 

[Peter]

take the @ sign away and try again and see if any error message is displayed. If it is post it here.

 

[nigelwong]

The mysql function works, but it executes it has having no values in it. so it has an error like cannot connect with nobody@localhost (USINGPASSWORD: NO) etc.

 

[yeppers]

Hey nigel,
Try this:

if (!isset($var1))
{
$dblink=@mysql_connect($_POST[dbhost], $_POST[dbuser], $_POST[dbpass]);
}

Is that what you were looking for, or am I off? lol

 

[Constantin]

Try this one:

$dblink=@mysql_connect("$dbhost", "$dbuser", "$dbpass");

 

[Eric]

Hey nigel,
Try this:

if (!isset($var1))
{
$dblink=@mysql_connect($_POST[dbhost], $_POST[dbuser], $_POST[dbpass]);
}

Is that what you were looking for, or am I off? lol

^ Do not use register_globals..at all :blink:

 

[nigelwong]

I've tried substituting them with the $_POST things too, but they didn't work either =/ it's really weird.

Heres the code:

<?PHP
$xinput_style="style=\"BORDER-STYLE: solid;BORDER-COLOR: #999999; BACKGROUND-COLOR: #ffffff; BORDER-WIDTH: 1px; FONT-FAMILY: Verdana; FONT-SIZE: 8pt\"";

if(phpversion() <= "4.0.6") { $_POST=$HTTP_POST_VARS; }
if ($_POST['submit'])
	{
	if (trim($_POST['db'])=="") { $e0=true; }
	if (trim($_POST['dbhost'])=="") { $e1=true; }
	if (trim($_POST['dbuser'])=="") { $e2=true; }
	if (trim($_POST['dbpass'])=="") { $e3=true; }
	if (!is_writable(str_replace("/install1.php", "", $HTTP_SERVER_VARS['PATH_TRANSLATED']))) { $e4=true; }
	
	if (!isset($e0)&&!isset($e1)&&!isset($e2)&&!isset($e3)&&!isset($e4))
		{
		# --------------------------------------------------------
		$dblink=@mysql_connect($dbhost, $dbuser, $dbpass);
		$dbsel=@mysql_select_db($db);

		$read_dump=@fopen("Master_DB.sql", "r");
		$result_dump=@fread($read_dump, filesize("Master_DB.sql"));
		@fclose($read_dump);

		$result_dump=str_replace("`", "", $result_dump);

		$count=substr_count($result_dump, "\n");
		$explode=explode("\n", $result_dump);
		$buffer="";
		for ($i=0; $i<=($count-1); $i++)
			{
			# Create db structure
			if (substr($explode[$i], 0, 1)!="#")
				{
				if (substr(trim($explode[$i]), -1)==";") 
					{ 
					$temp=str_replace(";", "", $explode[$i]);
					$buffer.=str_replace("\n", " ", $temp);
					mysql_query($buffer);
					$buffer=""; 
					}
				else { $buffer.=str_replace("\n", " ", $explode[$i]); }
				}
			}

 

[Peter]

just a note are you sure you are meant to be using post variables for the database connection. this poses a huge security risk if that is what you are actually doing