Reputation: 21
URL Parameters to PHP Variables
I've been doing PHP for a while now, never needed assistance, but totally confused this time. I have a single line of code with one echo statement.
Problem: URL parameters are automatically assuming PHP variable values of the same name. For example, I have a URL with a parameter named var_name like this:
http://www.example.com?var_name=abc123
and a 1-line PHP script with a variable named var_name, like this:
echo $var_name;
then I get output on the page of: abc123
This is the only code in the PHP page! This behavior is exactly how I expect $_GET to work, but I'm not using it.
I am having this problem only on 1 specific server, which is running PHP 5.2. I have tested on 4 other servers, none have this behavior. I assume it's a PHP config issue, but running default config and can't find anything in config documentation.
Upvotes: 1
Views: 2591
Answers (2)
Reputation: 23316
You probably have register_globals enabled:
See the manual for info.
Upvotes: 0
Reputation: 69991
This is called register globals. If a server has register globals turned on, then you can do this.
I would recommend not to have register globals on any server. Since it can introduce a security flaw in your system.
An example of a security flaw with this.
if($auth == true)
{
// sensitive stuff here
}
If auth is just a regular variable, then I can do this in the URL.
And see the sensitive information.
Upvotes: 6
Related Questions
- PHP Get URL with Parameter
- Get URL parameter PHP
- How to get a url parameter
- PHP get URL string parameters?
- Get Url Parameter
- Get URL string parameters with PHP
- Getting URL including parameters passed in an URL as a parameter
- Grabbing a url parameter in php
- How to get parameter from the url?
- PHP passing parameters via URL