ohhh those sessions

compatibility hack... why?

         

SIRokai

6:49 pm on Nov 9, 2004 (gmt 0)

10+ Year Member



Hi all,

I am trying to create a small site that allows users to login, message each other etc...

I am using sessions for identified logins and logouts. I was storing the session data in global runtime variables, however my buddy told me that there is a compatibility hack for this and it's not secured.

This is my first time creating something fully in php and have no idea what else I could use or if there is anything I can do to fix this.

pointers, links would be much appreciated
I am working with Windows BTW

thx
J

coopster

6:55 pm on Nov 9, 2004 (gmt 0)

WebmasterWorld Administrator 10+ Year Member



Your friend is probably referring to Using Register Globals [php.net].

SIRokai

7:24 pm on Nov 9, 2004 (gmt 0)

10+ Year Member



thanks...

nice, I am half way done and I'm screwed.
have to start from scratch.

mincklerstraat

7:45 pm on Nov 9, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



See if your editor has a multifile search-replace option and just try replacing $variablefromsession with $_SESSION['variablefromsession'] for each of your variables that are supposed to come in from sessions; don't preemptively concede to being screwed.

SIRokai

7:53 pm on Nov 9, 2004 (gmt 0)

10+ Year Member



I think that's what I have so far ...
example of registering first name as a session var

$_SESSION_['first_name'] = $first_name;

J

coopster

8:51 pm on Nov 9, 2004 (gmt 0)

WebmasterWorld Administrator 10+ Year Member



Careful, you've got an extra underscore in there ;)
$_SESSION_['first_name'] = $first_name; // incorrect 
$_SESSION['first_name'] = $first_name; // correct

SIRokai

12:52 pm on Nov 10, 2004 (gmt 0)

10+ Year Member



dayum.... =)

SIRokai

2:56 pm on Nov 10, 2004 (gmt 0)

10+ Year Member



I need some help guys... what can I do if I turned register_globals OFF. I don't want to turn it back on due to the security flaws.

Any way I can use the sessions without storing the vars in a global runtime variable?

J

ergophobe

7:17 pm on Nov 10, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Absolutely. By default, register_globals is off and session variables are kept in the $_SESSION array.

So instead of using $username and registering variable with the session and all that, just use

$_SESSION['username']

The main problem with register_globals being on is not security, but simply unstable code and unexpected results. If you turn it off, there's less chance of one variable overwriting another (i.e. $_SESSION['username'] overwriting $_POST['username']).

Tom

SIRokai

5:58 am on Nov 11, 2004 (gmt 0)

10+ Year Member



thanks... 1 more quickie and then I'm done... for today that is =)

How do I display the info wrapped in css?

I got this page but I can't get it to work.

<!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN>
<html>
<head>
<title>title/title>
<link rel=shortcut icon href=/images/favicon.ico type=image/x-icon/>
<link rel=stylesheet type=text/css href=/css/styles.css>
<script type=text/javascript>
<!-- hide
function alter(what,col)
{
try
{
(what!= null)? what.style.background = col : null;
}
catch(errorObject)
{
alert('what is not an obj\t error = ' + errorObject.description);
}
}
//end hiding-->
</script>
</head>
<body background=#E7C981>
<? php
/* Check User Script */
session_start(); // Start Session
if ( empty( $id ) ) {
print "$message";
include 'file';
}
else {

print "
<table cellpadding=0 cellspacing=2 align=left border=0 class=mainTable>
<thead>
<tr>
<th valign=top>
the rest of the html
<th valign=top>
</tr>
</thead>
</table>";)
?>

mincklerstraat

12:56 pm on Nov 11, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



You need a closing bracket at the end of your else {, and to 'wrap' it in css, you just have to make sure that css file you're pulling in there actually exists, add a class or two, and add these classes to your HTML - you've already got mainTable here - so your css should have something like:

table.mainTable {
color: #fcc;
border: #3f3 dotted 4px;
font-family: "Comic Sans MS";
text-decoration: blink;
}

Bottom of your revised code (w/added bracket, I also added quotes to your html where appropriate) will look something like this:

else {
print "
<table cellpadding='0' cellspacing='2' align='left' border='0' class='mainTable'>
<tr class='thread'>
<th valign='top'>
the rest of the html
<th valign='top'>
</tr>
</table>";
}
?>

You'll also see I removed '<thread>' - looks to me like you might be trying xml-xsl here? In ordinary css, just make another rule in your css file:


tr.thread {
color: #fd0;
}

SIRokai

11:16 pm on Nov 11, 2004 (gmt 0)

10+ Year Member



thx man... It will be the }; I'm gonna give it a shot

I am not xmlling, it's thead =)

J
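
Why the bare-variable pattern discussed in this thread is risky, shown as an added example that is not part of any post: register_globals was removed in PHP 5.4, so the hypothetical function `legacy_is_logged_in` emulates it with `extract()`, and the request and session arrays are constructed sample data. It compares a login test on a bare `$id`, like the `empty( $id )` check in the page posted above, with one that reads only the session array (`session_is_logged_in`, also a hypothetical name).

```php
<?php
// Added example; the request and session arrays below are constructed sample data.

// Emulates register_globals (removed in PHP 5.4): request and session values
// are copied into plain variables, later sources overriding earlier ones.
function legacy_is_logged_in(array $get, array $session): bool
{
    $scope = array_merge($get, $session);
    extract($scope);        // creates $id, $first_name, ... as bare variables
    return !empty($id);     // bare-variable test, like empty( $id ) in the thread
}

// Reads the login marker only from session storage, as $_SESSION['id'] would.
function session_is_logged_in(array $session): bool
{
    return !empty($session['id']);
}

// Each case: [query-string parameters, stored session data].
$cases = [
    'logged-in user'            => [[],            ['id' => 7]],
    'anonymous visitor'         => [[],            []],
    'anonymous, ?id=1 in query' => [['id' => '1'], []],
];

foreach ($cases as $label => [$get, $session]) {
    printf(
        "%-27s legacy=%-5s session=%s\n",
        $label,
        var_export(legacy_is_logged_in($get, $session), true),
        var_export(session_is_logged_in($session), true)
    );
}
```

The two checks agree for the first two cases and differ only for the third, where no session value exists and the request supplies the variable. With register_globals off, a page that still tests a bare `$id` never sees the session value at all, so the test has to read `$_SESSION['id']`.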