Archive

You are currently browsing the Fewtureweb blog archives for June, 2010.

Jun 27

Essentials of $_POST

By raheem

When you fill out a form on the internet, especially a registration form, the data you supply is sent to the server using one of two methods – POST or GET. The method used depends on the sensitivity of the data. Most registration forms use the POST method. If they don't, then the site is terribly insecure, because with GET the submitted values travel in the URL.

$_POST is a PHP superglobal array that has one job – to take the info you entered into a form and make it available to the script on the server you are sending to. The keys of the array are the form field names and the value under each key is the data you entered. So for a registration form like the one below:

Username:
Password:
Email:
The $_POST array would look like so:
username->rambo; password->123shoot; email->rambo@hurtin.com;

You can access the values using the following syntax:
$username=$_POST['username'];


Jun 22

What does register_globals do?

By raheem

Register globals makes it *really* easy to code in PHP. It’s what takes the URI
or posted form data, and turns them into global variables in your script.

So if a URL looked like:

http://www.fakename.com/index.php?target=help

and with register_globals on, PHP will create a variable, $target, which has the
value ‘help’ in it. It’s very useful and friendly, but if you don’t initialize
your variables then some not-so-nice person could initialize them for you by
passing them on the URI/post/cookie/etc. so that your code no longer works as
expected.

You’re safe with it on if you always initialize variables, and set
error_reporting to E_ALL while testing so you catch any you might otherwise
miss.

If you leave it off, you need to use the associative arrays $_POST, $_GET etc.
The above example would be $_GET['target'].

Taken from this site

Why was register_globals disabled in PHP?
register_globals has been set to off by default starting with PHP 4.2.0. When this setting is on, your script is automatically injected with various environment, GET, POST and cookie information set as variables. This poses a security risk since the environment variables could be set externally by using the URL. The following link provides a nice example of the security risk of setting register_globals to on.
How register_globals can lead to insecure code
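
The risk described above, as an added example (not code from this post or from the linked pages). register_globals was removed from PHP in 5.4, so extract() stands in for it here; check_login(), the two page functions and the request values are constructed for illustration.

```php
<?php
// Added example. extract() stands in for register_globals = On: it copies
// every request key into a variable of the same name.

// Hypothetical credential check; a real one would look up a password hash.
function check_login(array $post): bool
{
    return ($post['username'] ?? '') === 'rambo'
        && ($post['password'] ?? '') === '123shoot';
}

// The pattern the post warns about: $authorized is never initialized, so a
// request parameter named "authorized" supplies its value.
function page_with_globals(array $get, array $post): string
{
    extract($get);
    if (check_login($post)) {
        $authorized = true;
    }
    // With error_reporting(E_ALL), an honest request with no such parameter
    // gets an undefined-variable diagnostic on the next line.
    return $authorized ? 'admin page' : 'login page';
}

// Hardened: the flag is always assigned from the login check, and input is
// read only from the explicit array and checked against an allowlist.
function page_hardened(array $get, array $post): string
{
    $authorized = check_login($post);
    $target = $get['target'] ?? 'home';
    if (!in_array($target, ['home', 'help'], true)) {
        $target = 'home';
    }
    return $authorized ? "admin page ($target)" : "login page ($target)";
}

// Constructed request: index.php?target=help&authorized=1, nothing posted.
$get  = ['target' => 'help', 'authorized' => '1'];
$post = [];

echo page_with_globals($get, $post), "\n";
echo page_hardened($get, $post), "\n";
```

The first call returns the admin page although no credentials were posted; the second returns the login page for the same request.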


Jun 22

An easy way to remember GET vs. POST

By raheem

GET and POST are ways to pass user data from a form. The GET method passes the information via the URL. The POST method passes the information in the body of the HTTP request, behind the scenes.

I sometimes get confused between the two. The following technique helps me to remember which one is which.
Get thru URL – GURL – GIRL. So the other one is Post via behind the scenes.


Jun 15

Dirty Powershell script

By raheem

It's supposed to compare two folders and then tell me the difference. It's really sloppy and slow – gotta work more on it…

$server = 'srvts2010'
$backupfolder = 'E:\cpsstore\SRVTS2010'
$sourcefolder = '\\srvXXXX\d$\data'

# Getting folder size of CPS folder
$colItems = (Get-ChildItem $backupfolder -recurse | Measure-Object -property length -sum)
$backupfoldersize = "{0:N2}" -f ($colItems.sum / 1024MB) + " GB"
#write-output $backupfoldersize

# Getting folder size of source folder
$colitems2 = (Get-ChildItem $sourcefolder -recurse | Measure-object -property length -sum)
# Use the source total here, not the backup total
$sourcefoldersize = "{0:N2}" -f ($colitems2.sum / 1024MB) + " GB"
#write-output $sourcefoldersize

# Subtract the raw byte counts; the formatted sizes above are strings
$behind = "{0:N2}" -f (($colitems2.sum - $colItems.sum) / 1024MB) + " GB"
write-output "The CPS backup is $behind behind $server"
