register_globals info

You can have a look at this link for a brief overview:
http://www.plus2net.com/php_tutorial/register-globals.php

You should also become familiar with the import_request_variables command. If you have a program that is dependent on a lot of variables passed from another program (Get or Post) or from the command line, this can be a fast way to get it working again under PHP 5 (without turning register_globals back on). Please note however; if you don't use the second parameter (prefix) then you basically re-introduce the same exposures that register_globals ON has. The better way is to only import the variables you need with $_POST but that may take some re-work for existing programs.

Hi and thanks Chris.

I read the article and tried also the import_request_variables. (didn't worked). I chase this to this point:

I found at least one variable that is passed along scripts: it's $login. Is set via a post in the Auth class from the "PHP Anthology" book 1st. Ed.

I use this variable some place else to identify the user logged in but I don't see how this variable is passed from the class to the other script. Is this what register_globals is about?

Basically the $login var is assigned:

$login=mysql_escape_string($_POST[USER_LOGIN_VAR]);

and in some point this is used as:

<?php echo "<p>Bienvenido(a) $login<br/><br />"; ?>

With register_globals On is working but with Off is not.

I am sure there are more variables just like this one, but I don't see how _GET or _POST are involved here. I dump those variables and get nothing:

Dump GET
array(0)
Dump POST
array(0)

Any idea?

Thanks in advance