doug Posted June 21, 2008 Share Posted June 21, 2008 In the book I'm reading there is the following example, which works. Let's say this is in button.php: <?php $font = 'times'; if (!$size) $size = 12; $im = ImageCreateFromPNG('button.png'); // calculate position of text $tsize = ImageTTFBBox($size,0,$font,$text); $dx = abs($tsize[2]-$tsize[0]); $dy = abs($tsize[5]-$tsize[3]); $x = ( ImageSx($im) - $dx ) / 2; $y = ( ImageSy($im) - $dy ) / 2 + $dy; // draw text $black = ImageColorAllocate($im,0,0,0); ImageTTFText($im, $size, 0, $x, $y, $black, $font, $text); header('Content-Type: image/png'); ImagePNG($im); ?> The text parameter is passed in the URL as follows:http://thedomain.com/button.php?text=the+buttonMy question is, why does this work? Why didn't I have to have a line:$text = $_GET['text'];in order to grab the parameter from the URL?Isn't it dangerous to allow variables to just be set like that in the URL?doug Link to comment Share on other sites More sharing options...
boen_robot Posted June 21, 2008 Share Posted June 21, 2008 It's a PHP setting called Register Globals, and you're right - it's dangerous. If your host doesn't allow you to turn it off, you can turn off yourself by using the second of those scripts. Link to comment Share on other sites More sharing options...
killboy Posted June 21, 2008 Share Posted June 21, 2008 By the way, Register Globals will be off on PHP 6 for what boen_robot said. So you better get used to use the $_GET; it's the practice too. Link to comment Share on other sites More sharing options...
jhecht Posted June 21, 2008 Share Posted June 21, 2008 IT works because whoever wrote that script is not the brightest knife in the drawer. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.