PHP, register_globals = Off, and wtf?

Lemming

Hey guys,

not sure if this should be in this board or webmaster, but here goes.

I've had to move a web-app from one machine to another. I'm running php 4.2.3, and register_globals are off as default.

I'm taking in a user name and password, but if the password has a '+' in it, it's being stripped out. Needless to say, the passwords aren't being verified as a result and thus users can't log in. Since I had no problem on the old server (and running php 4.1.2), I'm guessing this is a technology issue and not a webmaster issue.

Does anyone have any clue as to how to either rectify this issue, or work around it?

flamegrill

Is safe mode on now? or are any of the magic quote options turned on ?

Lemming

Originally posted by flamegrill
Is safe mode on now? or are any of the magic quote options turned on ?

(php 4.2.3)

---

magic_quotes_gpc - On - On
magic_quotes_runtime - Off - Off
magic_quotes_sybase - Off - Off

safe_mode - Off - Off
safe_mode_exec_dir -1 - 1
safe_mode_gid - Off - Off
safe_mode_include_dir - no value - no value

I should also mention that the text input in question is as follows:

<?php
if($_POST['flag'] != null)
{
        echo "GMS: ".$_POST['gmscode']."\n<br>\n" ;
        echo "Pwd: ".$_POST['gmspwd']."\n<br>\n" ;
} 
?>

......

<form name="login" action="<? echo $_SERVER['PHP_SELF'] ; ?>" method="post">
        <b>GMS Number: </b><input type="text" name="gmscode" size="20">
        <br>
        <b>Password: </b><input type="password" name="gmspwd" size="30">
        <br>
        <input type="submit" name="submit" value="Test">
        <input type="reset" name="reset" value="Reset">
        <input type="hidden" name="flag" value=1>
</form>

flamegrill

Turn magic quotes off.

Paul

Lemming

Originally posted by flamegrill
Turn magic quotes off.

Paul

Didn't make a difference

Think I need to use the urlencode/decode functions.