Global variables off , what does it mean,what does it..

phprock

cany anyone clearly tell me ..

what is global variables.. ? what is global variables off ?

I assumed that you have some variables in a file and you want to use that variable inside a function or a file . so normally we use "global $varname";

ie.

<?php
//config.php

$cost=70;

?>

so in another file or function if i want to use $cost variable i have do

<?php
//index.php

include("config.php");

global $cost;

echo"Here is the cost $cost";

 ?>

so if the gloval variables off in php settings, so i can't use this anymore.. am i right ?

But how come it works in machine where gloval variable is set to off.

I think I have got confused over global variable.

Please clearify me...

ThaNKS IN advance.

ahundiak

I thknk you have the register_globals=OFF and the notion of global scope mixed up. They really are two basically unrelated concepts. There is no such thing as "turning globals variables off".

I'd suggest you start by reviewing this part of the manual which explains global scoping rules.
http://www.php.net/manual/en/language.variables.scope.php

And then just assume that register_globals is off and follow these guidlines for submitted data.
http://www.php.net/manual/en/language.variables.external.php

phprock

Thank you for the reply .. now i under global variable..

Well, the notes does not clearly state about register_globals.

if register_globals is off what I cant' do and what I can do if it is on.

thank you..

weekender

when you run a php script, you get five categories of variables that are automatically available if they are set

Environment - imported into PHP's global namespace from the environment under which the PHP parser is running, such as the operating system etc
GET - variables passed to the script in the url in the format index.php?var1=a&var2=b
POST - variables sent from a form. When you submit a form (with the method set to POST), the vars will appear in the script as POST vars
Cookie - variables automatically picked up from a pre-set cookie on the client
Server - containing information such as headers, paths, and script locations on the server

Each of these categories is represented as an array. For example, all server variables are automatically present in $SERVER, get variables in $GET etc

So if you wanted to know the ip address of the client, you can call

$_SERVER['REMOTE_ADDR'];

you don't need to set it up, it's just automatically there as a global array.

If register_globals is set, each time you run a script, the parser will automatically extract these arrays - so rather than having $_SERVER['REMOTE_ADDR'], you would automatically have a variable called $remote_addr and wouldn't have to go through the array to fetch it each time.

This has problems, and so is set to off by default. Simply put, if it is set to on, and you have the users' passwords stored in a variable called $password, anyone viewing could put in a url

index.php?password=this

and because register_globals is set to on, php would create the variable $password, overwriting the original $password, and so a user would be allowed to hack accounts.

you see?

ads

phprock

Well done, now make sense.

Thank for the time and great post.

I think this thread put in the Newbie FAQ.

Regards