Migrating from PHP 5.3.x to PHP 5.4.x -
a simple test programme program included.
enter info dataone click on create scheme dataone info moved datatwo
works 5.3
with 5.4 when create scheme image clicked info in dataone disappears form , noting passed datatwo
we have big number of programs utilize method of input fields , images click on.
if shift 5.3 works. if shift 5.4 wil not work.
<!doctype html> </head> <?php $dataone = $http_post_vars['dataone']; $datatwo = $http_post_vars['datatwo']; if(isset($_post['proc_x'])) { $datatwo = $dataone; } ?> <form name="form1" method="post" action="test.php"> <table> <tr> <td><strong> one</strong> </td> </tr> <tr> <td colspan="2"><input name="dataone" type="text" id="dataone" value="<?php echo $dataone?>" size="70"> </td> </tr> <tr> <td><strong> two</strong> </td> </tr> <tr> <td colspan="2"><input name="datatwo" type="text" id="datatwo" value="<?php echo $datatwo; ?>" size="70"> </td> </tr> </table> <table> <tr> <td colspan="1"><div align="left" > <input name="proc" type="image" id="proc" value="proc" alt="create system" title="create system" width="25" height="25"> <strong>proc</strong></div> </td> </tr> </table> <table> <tr> <td colspan="2"><input name="inx" type="hidden" id="inx" value ="<?php echo $inx; ?>" size="100"> </td> </tr> </table> </form> </body> </html>
$http_post_vars deprecated long ago. haven't seen utilize in 10 years. utilize $_post instead.
also, have opened potential xss attacks. utilize htmlspecialchars() around arbitrary info used in context of html.
php
No comments:
Post a Comment