changing my forum to not use register_globals

trickytiger

i've been trying to change my forum: www.fact-connexion.com/cmforum/
so it doesn't use register_globals, but i can't figure out how to do this.

here's some code that won't work without register_globals:

f($action == "login" && $HTTP_POST_VARS['submit'] == "") {   # If we're accessing the login form...
	$navaddon = "&gt; Login";
	page_header("$navaddon", $themsg);
	login_form();
}


if($action == "login" && $HTTP_POST_VARS['submit'] != "") {   # If the user is submitting login info...
	$password = $HTTP_POST_VARS['password'];
	$username = $HTTP_POST_VARS['username'];

$password = mysql_real_escape_string($_POST['password']);
$username = mysql_real_escape_string($_POST['username']);

$query = mysql_query("SELECT * FROM $db_member WHERE username='$username'") or die(mysql_error());
$member = mysql_fetch_array($query);

if($member == "") {
	echo "Invalid username";
	exit;
}

if($member[password] != $password) {
	echo "Invalid password";
	exit;
}

$time = time() + (86400*365);
setcookie("cmuser", $username, $time);
setcookie("cmpass", $password, $time);

$navaddon = "&gt; Login";

page_header("$navaddon", $themsg);
echo " successful, now being redirected";
redirectit("index.php");
}


if($action == "logout") {   # If they wanna logout
	$time = time() - (86400*365);
	setcookie("cmuser", $username, $time);
	setcookie("cmpass", $password, $time);
	$navaddon = "&gt; Logout";
	page_header("$navaddon", $themsg);
	echo " successful, now being redirected";
	redirectit("index.php");
}

thorpe

im not sure this is your problem but $HTTP_POST_VARS has long been depricated, you should use $_POST[] instead.

trickytiger

i've tried that, i also noticed that register_globals off doesn't seem to like that action part

Weedpacket

Well, if $action is a form field, then it should be written as $_POST['action'], just like all the other form fields.

trickytiger

nope that still doesn't work...

trickytiger

is there anyway i could make this work without the action part?

thorpe

you mean its not working? what does that mean? are you getting any errors? what?

trickytiger

the login form just won't show, if you want i can set up a demo with register_globals turned off