Share your understanding of PHP register_globals values ​​​​on and off_PHP tutorial

The value of register_globals can be set to: On or Off. Let’s give a piece of code to describe their differences respectively.

Code:

Copy code The code is as follows:

When register_globals=Off, the next program should use $_GET['user_name'] and $_GET['user_pass'] to accept the passed value when receiving. (Note: When the method attribute of

is post, you should use $_POST['user_name'] and $_POST['user_pass'])

When register_globals=On, the next program can directly use $user_name and $user_pass to accept values.

As the name suggests, register_globals means to register as a global variable, so when it is On, the passed value will be directly registered as a global variable and used directly, and when it is Off, we need to go to a specific array to get it . Therefore, friends who encounter the above problems of not being able to get the value should first check whether your register_globals setting matches your method of obtaining the value. (To view, you can use the phpinfo() function or directly view php.ini)

Let’s see what’s wrong here?

Look at the following PHP script, which is used to authorize access to a web page when the entered username and password are correct:

Copy code The code is as follows:

// Check username and password
if ($username == 'kevin' and $password == 'secret')
$authorized = true;
?>

Please enter your username and password:

Username:

Password:

The problem with the above code is that you can easily gain access without providing the correct username and password. Just add ?authorized=1 at the end of your browser's address bar. Because PHP automatically creates a variable for every submitted value -- whether from a form submission, a URL query string, or a cookie -- this will set $authorized to 1, so an unauthorized user can Security restrictions can be exceeded.

http://www.bkjia.com/PHPjc/313566.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/313566.htmlTechArticleThe value of register_globals can be set to: On or Off. Let’s give a piece of code to describe their differences respectively. Code: Copy code The code is as follows: form name="frmTest" id="frmTest" act...