473,322 Members | 1,778 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,322 software developers and data experts.

FOLLOW-UP: [Idea for PHP Enhancement: register_globals_manual]

On 10/06/2003 11:50 AM CST, the OP, 127.0.0.1, wrote:
httpget $user_id;
httppost $credit_card;
session $really_important_stuff;

Each of these declaration lines would effectively enable
register_globals for one specific variable in one particular method
(GET, POST or session).

Creative suggestions, comments would be welcome.
Justin Koivisto wrote: The proposal in the form of functions:

<?php
// usage example
global_session('var1');

function global_get($var){
if(!array_key_exists($var,$_GET))
$_GET[$var]='';
$GLOBALS[$var]=&$_GET[$var];
}

function global_post($var){
if(!array_key_exists($var,$_POST))
$_POST[$var]='';
$GLOBALS[$var]=&$_POST[$var];
}

function global_session($var){
if(!array_key_exists($var,$_SESSION))
$_SESSION[$var]='';
$GLOBALS[$var]=&$_SESSION[$var];
}

function global_cookie($var){
if(!array_key_exists($var,$_COOKIE))
$_COOKIE[$var]='';
$GLOBALS[$var]=&$_COOKIE[$var];
}

function global_server($var){
if(!array_key_exists($var,$_SERVER))
$_SERVER[$var]='';
$GLOBALS[$var]=&$_SERVER[$var];
}

function global_files($var){
if(!array_key_exists($var,$_FILES))
$_FILES[$var]='';
$GLOBALS[$var]=&$_FILES[$var];
}

function global_env($var){
if(!array_key_exists($var,$_ENV))
$_ENV[$var]='';
$GLOBALS[$var]=&$_ENV[$var];
}

function global_request($var){
if(!array_key_exists($var,$_REQUEST))
$_REQUEST[$var]='';
$GLOBALS[$var]=&$_REQUEST[$var];
}
?>
The proposal makes it explicit which variables you expect to use from
the _GET array, so an unexpected variable won't get extracted and
overwrite the session variable you intended to use. You get nearly
the convenience of register_globals=on with none of the security
risk.


I broadened the scope of the proposal in the process. These functions
now support all of the super globals (except$ GLOBALS)in PHP. I also
changed the names to be prefixed by global_ and then the lowercase
name of the superglobal array to play with.

Also, I thought about the case where the key didn't exist in the
superglobal. If this is the case, the key is created and then
referenced. This would likely be handy for _SESSION more than
anything.


Just wanted to follow-up on this one. Did this actually satisfy the
proposal set forth by the OP? I haven't noticed any posts to the thread
since I submitted this.

Ideas/comments/suggestions welcome on this as well.

--
Justin Koivisto - sp**@koivi.com
PHP POSTERS: Please use comp.lang.php for PHP related questions,
alt.php* groups are not recommended.

Jul 17 '05 #1
4 1993
Justin Koivisto wrote:

Just wanted to follow-up on this one. Did this actually satisfy the
proposal set forth by the OP? I haven't noticed any posts to the
thread since I submitted this.


THe following are the basic original requirements:
1. Be reasonably safe from abuse (unlike register_global etc)
2. Allow a real PHP variable (e.g. $XYZ) to be intimately associated
with a SESSION, COOKIE, GET, POST etc varible - from instant of
declaration through to explicit or implicit script execution end.
3. Optionally $XYZ may use a prefix to the variable name (e.g.
$Session_XYZ) the entire variable name must be a valid identifier (i.e.
$Session['XYZ'] is not allowable).

THat is about it.

Just from looking at the above code - looks OK, however have not tested
it.

--
Spam:newsgroup(at)cr*********@verisign-sux-klj.com
EMail:<0110001100101110011000100111010101110010011 010110
11001010100000001100011011100100110000101111010011 011100
11000010111001000101110011000110110111101101101001 00000>
Jul 17 '05 #2
127.0.0.1 wrote:
Justin Koivisto wrote:

Just wanted to follow-up on this one. Did this actually satisfy the
proposal set forth by the OP? I haven't noticed any posts to the
thread since I submitted this.

THe following are the basic original requirements:
1. Be reasonably safe from abuse (unlike register_global etc)
2. Allow a real PHP variable (e.g. $XYZ) to be intimately associated
with a SESSION, COOKIE, GET, POST etc varible - from instant of
declaration through to explicit or implicit script execution end.
3. Optionally $XYZ may use a prefix to the variable name (e.g.
$Session_XYZ) the entire variable name must be a valid identifier (i.e.
$Session['XYZ'] is not allowable).

Just from looking at the above code - looks OK, however have not tested
it.


I think to satisfy item #3, you'd have to modify the functions as so:

<?php
function global_get($var){
if(!array_key_exists($var,$_GET))
$_GET[$var]='';
$GLOBALS[$var]=&$_GET[$var];
$GLOBALS['GET_'.$var]=&$GLOBALS[$var];
}

function global_post($var){
if(!array_key_exists($var,$_POST))
$_POST[$var]='';
$GLOBALS[$var]=&$_POST[$var];
$GLOBALS['POST_'.$var]=&$GLOBALS[$var];
}

function global_session($var){
if(!array_key_exists($var,$_SESSION))
$_SESSION[$var]='';
$GLOBALS[$var]=&$_SESSION[$var];
$GLOBALS['SESSION_'.$var]=&$GLOBALS[$var];
}

function global_cookie($var){
if(!array_key_exists($var,$_COOKIE))
$_COOKIE[$var]='';
$GLOBALS[$var]=&$_COOKIE[$var];
$GLOBALS['COOKIE_'.$var]=&$GLOBALS[$var];
}

function global_server($var){
if(!array_key_exists($var,$_SERVER))
$_SERVER[$var]='';
$GLOBALS[$var]=&$_SERVER[$var];
$GLOBALS['SERVER_'.$var]=&$GLOBALS[$var];
}

function global_files($var){
if(!array_key_exists($var,$_FILES))
$_FILES[$var]='';
$GLOBALS[$var]=&$_FILES[$var];
$GLOBALS['FILES_'.$var]=&$GLOBALS[$var];
}

function global_env($var){
if(!array_key_exists($var,$_ENV))
$_ENV[$var]='';
$GLOBALS[$var]=&$_ENV[$var];
$GLOBALS['ENV_'.$var]=&$GLOBALS[$var];
}

function global_request($var){
if(!array_key_exists($var,$_REQUEST))
$_REQUEST[$var]='';
$GLOBALS[$var]=&$_REQUEST[$var];
$GLOBALS['REQUEST_'.$var]=&$GLOBALS[$var];
}
?>

This should then allow using all of these to access the same value in
memory:

<?php
global_session('var1');
$var1='test';
echo $var1,'<br>';
echo $SESSION_var1,'<br>';
echo $GLOBALS['var1'],'<br>';
echo $GLOBALS['SESSION_var1'],'<br>';
echo $_SESSION['var1'],'<br>';
?>

In turn, setting any one of them should change all the values because it
is all referenced, meaning it's all just one memory location. This all
works for my setup with php 4.3.3.

--
Justin Koivisto - sp**@koivi.com
PHP POSTERS: Please use comp.lang.php for PHP related questions,
alt.php* groups are not recommended.

Jul 17 '05 #3
Justin Koivisto wrote:
Justin Koivisto wrote:
> > Just wanted to follow-up on this one. Did this actually
> > satisfy the
proposal set forth by the OP? I haven't noticed any posts to the
thread since I submitted this.
> THe following are the basic original requirements:

1. Be reasonably safe from abuse (unlike register_global etc)
2. Allow a real PHP variable (e.g. $XYZ) to be intimately associated
with a SESSION, COOKIE, GET, POST etc varible - from instant of
declaration through to explicit or implicit script execution end.
3. Optionally $XYZ may use a prefix to the variable name (e.g.
$Session_XYZ) the entire variable name must be a valid identifier
(i.e. $Session['XYZ'] is not allowable).
Just from looking at the above code - looks OK, however have not
tested

it.


I think to satisfy item #3, you'd have to modify the functions as so:


Sorry, #3 isn't saying that the solution has to have that
functionality, just that if there NEEDS to be some modification in the
variable name, that it consist of only standard identifier allowable
characters.

Given the solution posted allows $XXX to be created, then 3. is
satisfied.

--
Spam:newsgroup(at)cr*********@verisign-sux-klj.com
EMail:<0110001100101110011000100111010101110010011 010110
11001010100000001100011011100100110000101111010011 011100
11000010111001000101110011000110110111101101101001 00000>
Jul 17 '05 #4
127.0.0.1 wrote:
Justin Koivisto wrote:

Justin Koivisto wrote:

>>Just wanted to follow-up on this one. Did this actually
>>satisfy the

proposal set forth by the OP? I haven't noticed any posts to the
thread since I submitted this.

>THe following are the basic original requirements:

1. Be reasonably safe from abuse (unlike register_global etc)
2. Allow a real PHP variable (e.g. $XYZ) to be intimately associated
with a SESSION, COOKIE, GET, POST etc varible - from instant of
declaration through to explicit or implicit script execution end.
3. Optionally $XYZ may use a prefix to the variable name (e.g.
$Session_XYZ) the entire variable name must be a valid identifier
(i.e. $Session['XYZ'] is not allowable).

Just from looking at the above code - looks OK, however have not
tested

it.


I think to satisfy item #3, you'd have to modify the functions as so:

Sorry, #3 isn't saying that the solution has to have that
functionality, just that if there NEEDS to be some modification in the
variable name, that it consist of only standard identifier allowable
characters.

Given the solution posted allows $XXX to be created, then 3. is
satisfied.


Thanks for the feedback. I have posted an article on this now.
http://www.koivi.com/manual-php-globals/

--
Justin Koivisto - sp**@koivi.com
PHP POSTERS: Please use comp.lang.php for PHP related questions,
alt.php* groups are not recommended.

Jul 17 '05 #5

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
by: Nobody | last post by:
Does anyone have some python code snippets for finding First() and Follow() sets of an LL(1) grammar handy? Thanks
9
by: santanu | last post by:
Hi all, I know a little python (not the OOP part) learnt by studying the online tutorial. Now I would like to learn it more thoroughly. I have access to 'Programming Python' which I liked...
9
by: Philip TAYLOR | last post by:
Configuring a new instance of IIS, I noticed that it allows an HTML-formatted document trailer to be appended to every document served. Unfortunately, on checking its behaviour, I find that it...
0
by: Hunters | last post by:
Once you reorder the listview items, largeicon or smallicon view will not follow the order of list or detail view which is the correct order. For example with a listview as...
2
by: Joris Gillis | last post by:
Hi everyone, I have this nasty little problem to which I can't find a solution: Consider an anchor <a name="Top" id="Top">Top</a> How can I follow/execute this link from within javascript?...
1
by: oketz1 | last post by:
Hi I am writing an application very similar to notepad and I have to implement the status bar feature, which mean that I have to follow after the cursor is there any event that raised when...
3
by: MPR | last post by:
Hi guys; I'm using an AxSHDocVw.AxWebBrowser control to show a web page. I need to know if i can ( and how? ) i do the following things: 1 - I need to follow 1 link in the webpage diplayed...
0
by: woodglass | last post by:
I want to use object.hyperlink.Follow to follow a hyperlink to a web page. The web page requests a username & password. Can I programmatically supply both instead of having to type them in ?....
3
by: Rizvi | last post by:
The Grammer is given: S ---> id=E; E ---> E+T | E-T | T T ---> T*F | T/F | F F ---> P^F | P P ---> -P | L L ---> (E) | id | num -------------------------------- I've fond the following...
0
by: 008worker | last post by:
Do you want the science article you may follow the following the link. Do you want something about science?if yes you may follow the following link.it is really intresting and useful. ...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.