I'd bet cash money that register_globals is "off" on your new server, and was "on" on the previous one.

Access your GET variables as $_GET['var']

Thanks a lot for the point, and sorry for the delay; I was busy with a few files to change all.

Btw, is it any dangerous to set it to on in php.ini?

Rather than expressing my own opinion, which is far from expert, I'll quote from php.net: "the directive itself isn't insecure but rather it's the misuse of it." (source [php.net])

According to everything I've read on it, it's much easier to write insecure scripts that rely on register_globals being on. Having it turned off requires that you access GET, POST, COOKIES, etc., by the GLOBAL array variables ($_GET, $_POST, and so forth), which forces you to expressly recognize where the variable's value is coming from.

With register_globals on, you can blithely use $admin, supposedly derived from the value of a cookie that you set when a user logged in as an admin, but a user can send ?admin=yes in the URL and $admin will now have the value "yes." You can see where that kind of thing can lead, I'm sure.

I keep it turned off on my own server.

Thanks again.

And "reading is always the best way, though not the easiest!"