Forum Moderators: coopster
With globals ON my site works like i want it to BUT hacker run amuck!
With globals OFF my site DON'T work and hackers DON'T work either!
SO.... is there and in between? I want MY SITE ONLY to use globals and any EXTERNAL sites to NOT use them?
Is there a way for me to set Globals ON for MY SITE ONLY.?
I currently have my php.ini file with php_value register_globals Off So what can i change it to that might help me?
Any suggustions at all for me to solve the problem?
Thanks,
Steve
<?php if($id == "") { include "Mainpage.html"; } else { include "$id"; } ?>
So when I want to load other pages I type it like this:
www.mysite.com/index.php?id=information.html and it bring up the pages i want.
with gloabals OFF my site does NOT work at all... it just always stays at the Mainpage.html?
[edited by: hornemans at 1:14 pm (utc) on Nov. 11, 2008]
<? if ($_GET["id"] == "" ¦¦ !file_exists($_GET["id"])) { include "Mainpage.html"; } else { include($_GET["id"])); } ?>
Note: This site breaks pipes("¦¦") so you will need to replace them
<? if ($_GET["id"] == "" ¦¦ !file_exists($_GET["id"])) { include "Mainpage.html"; } else { include($_GET["id"])); } ?>
I tried it and i get this: "Parse error: syntax error, unexpected "
Now that was with gloabals turned OFF... i did not try with it turned on but then again i want it to work with globals turned OFF... I think!
PS. and yes i replaced the ¦¦ in it.
you could remove a parentheses and it should work
<? if ($_GET["id"] == "" ¦¦ !file_exists($_GET["id"])) { include "Mainpage.html"; } else { include($_GET["id"]); } ?>
<? if ($_GET["id"] == "" ¦¦ !file_exists($_GET["id"])) { include "Mainpage.html"; } else { include($_GET["id"]); } ?>
I removed the parentheses and how i get this error: Parse error: syntax error, unexpected T_STRING
I forgot to change the ¦¦ the second time...
It works great... thanks!
Let see if this will keep the hacker out.
