Re: [cobalt-users] Odd happenings in proven PHP script after latest updates / pre site resolved access

[Ryan Verner <xfesty@xxxxxxxxxxxxxxxxxxxxxxxxx>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, 16 Oct 2002 12:45:12 -0700 Alex Krohn <alex@xxxxxxxxxxxxxxxxxxxx> wrote:

 username
| > and password but does not go to next part where it asks what area the user
| > wants to manage on the site. No errors are generated, it just does not work.
| > If it detects a wrong password / username it responds correctly though.
| > 
|

Let me guess, you're using $_REQUEST['variable'];, or something along those lines (as you'd do in the case of register globals being off?)

I'm having exactly the same problem too.  You'll find that whats happening is that nothing's getting passed to the php script, which is why you're getting strange results out of your scripts.

This should work regardless of register globals being on or off.

For some f*$%ing reason the cobalt insists on the old, horrible insecure practice of using $variable.  Even WITH php.ini changed.  Grr.

Ack, if anybody knows a way around this, tell me, please.  I'm sure Alex would like to know how, too ;-)

R

- --
Ryan Verner <xfesty@xxxxxxxxxxxxxxxxxxxxxxxxx>

ICQ: 76626240
 PH: +61 415 297 303
IRC: xfesty / irc.oublinet.net
 EQ: Mummer (Bard), Tholuxe Paells

propaganda as education, no rising above your station.
a totalitarian state, all the victims that can hardly wait.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE9rc8URcxk39PM6wcRAjdkAKCSL13Pfk2JMY4NjJaG/cPtqwWRLACfaHza
llaazwmudm8Fy76TjWhfrC4=
=pgNO
-----END PGP SIGNATURE-----