PHP Register global

If you means "on/off " of register_global, should configure in php.ini.

Register_globals=0;

I do not see php.ini file and should I create it?

How to further declare variable for Register global use, within PHP files?

I recognize that this is a continuation of this question that veered off topic. Thank you for starting a new question but I'm afraid you're still asking the wrong question. As I understand from the previous question, the question is really about getting a variable from one page to pass to the next page. In the other question we strongly suggested that you avoid using register globals and session_register which are now deprecated and removed because of the security issues. Allow me to address the situation using the recommended approach.

You have two files, login.php and login_menu.php. As I understand it, $username and $passwd are being defined in login.php but you need to use them again in login_menu.php. So what we need to do, is to store those values in the $_SESSION superglobal at the very end of login.php. Please find the very last exit PHP flag (?>) in login.php. It could be at the very end or it may have some HTML after it. When you've found it, enter the following just before it.

$_SESSION['username'] = $username;
$_SESSION['passwd'] = $passwd;
?>

Select allOpen in new window

Now modify the beginning of login_menu.php so it will define a new $username and $passwd from the $_SESSION superglobal. (See lines 14 and 15.)

<?php
//...
//...
error_reporting(E_ALL);
ini_set('display_errors','on');
require_once("login_fns.php");
require_once("..\lib\db_fns.php");

ob_start();
session_start();
if (isset($_SESSION['username']) && isset($_SESSION['passwd']) )
// they have just tried logging in
{
	$username = $_SESSION['username'];
	$passwd = $_SESSION['passwd'];
...

Select allOpen in new window

1. You can find out where your php.ini file is by simply creating a new PHP script and put this line in it:
<?php phpinfo(); ?>

Save and visit the page and you will see all sorts of settings and configurations. In the first section, it will tell you the location for the php.ini file. You also don't HAVE to have a php.ini file. It will use defaults if you don't have a php.ini file.

2. You don't declare variables for "register global use". The register_globals setting will automatically create variables for you. So if you normally had $_GET["myvariable"] with a value of 1, then if register_globals was enabled, then you would automatically have another copy of that variable called $myvariable with a value of 1. So you could use either $_GET["myvariable"] or $myvariable.

3. Register_globals is bad. You should not use it. It is very insecure and can lead to problems. That is why it is turned off by default and it is completely deprecated in recent versions.

@gr8gonzo, in the author's previous question we determined that they are using PHP 5.2 and register_globals is already turned on.

register_globals was turned off by default in PHP 4.2.
@HuaMinChen register_globals is a security threat.
Please consider that it was turned off by default almost 15 years ago you should take the advice Ray Paseur gave you in your previous question and use an up to date secure method to authenticate your users.

I have line like

register_globals = On

to file php.ini-dist

Here is login.php

<?
//Author:jack
//Date:30/03/09
 global $username, $passwd;
 $username='';
 $passwd='';
 session_register("username","passwd");
 require_once("login_fns.php");

 do_html_header("Login");

 display_site_info(); 
 display_login_form();

 do_html_footer();
 $_SESSION['username'] = $username;
 $_SESSION['passwd'] = $passwd;
?>

Select allOpen in new window

and login_menu_php

<?
//Author:jack	Desc:Login validation program
//Created Date: 15/04/09  Modified Date: 15:08 30/11/10
error_reporting(E_ALL);
ini_set('display_errors','on');
require_once("login_fns.php");
require_once("..\lib\db_fns.php");

ob_start();
session_start();
//if ($username && $passwd)
//if (session_is_registered("username") && session_is_registered("passwd") )
if (isset($_SESSION['username']) && isset($_SESSION['passwd']) )
// they have just tried logging in
{
      echo "DEBUG: iiiValid User = {$username}<br/>";
    if (login($username, $passwd))
    {
      echo "DEBUG: dddValid User = jjj<br/>";
      // if they are in the database register the user id
      $valid_user = $username;
      echo "DEBUG: Valid User = {$valid_user}<br/>";
      session_register("valid_user");
	  $conn = df_conn();
	  $sql="select top 1 principal from user_acct where username='$username'";
	  $rst = odbc_exec($conn,$sql);
	  $qry = odbc_fetch_array($rst);
	  $pri=$qry[principal];
      session_register("pri");
	  $sql="select top 1 territory from user_acct where username='$username'";
	  $rst = odbc_exec($conn,$sql);
	  $qry = odbc_fetch_array($rst);
	  $g_area=$qry[territory];
	  session_register("g_area");
	  $g_multiarea = str_replace(",", chr(13), $g_area);
	  session_register("g_multiarea");
    }  
    else
    {
      // unsuccessful login
      do_html_header("Problem:");
      echo "You could not be logged in. 
            You must be logged in to view this page.";
      do_html_url("login.php", "Login");
      do_html_footer();
      exit;
    }      
}

check_valid_user();
setcookie("username", $username);
?>

<head>
<title>Zimnet A4 Menu</title>
</head>
<link rel="stylesheet" href="../styles.css" type="text/css">
<body style="background-color:white;">

<table width="100%"  border="0" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
  <tr> 
    <td height="21" bgcolor="#495e83"></td>
    <td height="21" bgcolor="#495e83"></td>
  </tr>
  <tr> 
    <td height="120" align="left" valign="middle" bgcolor="#FFFFFF"> <img alt="" src="../images/company_name.gif" width="368" height="110"> 
    </td>
    <td align="right" width="287"><img alt="" src="../images/header_graphic.jpg" width="287" height="119"></td>
  </tr>
  <tr> 
    <td height="35" valign="middle" bgcolor="#495e83"> &nbsp; &nbsp; &nbsp; </td>
    <td bgcolor="#495e83"></td>
  </tr>
  <tr>
    <td height="1"><img alt="" src="../images/spacer.gif" width="1" height="1"></td>
    <td height="1"><img alt="" src="../images/spacer.gif" width="1" height="1"></td>
  </tr>
  <tr background="../images/links_bot_fill.gif">
    <td height="30">&nbsp;</td>
    <td>&nbsp;</td>
  </tr>
</table>

<img src="../images/RightImage1570.jpg" alt="" name="zimpic1" width="112" height="533" align="right">
<script language="JavaScript" src="zam.js"></script>
<?
  $conn = df_conn();
  $sql="select top 10000 * from user_role where username='$username'";
  $rst = odbc_exec($conn,$sql);
  $qry = odbc_fetch_array($rst);
  echo "<script language=\"JavaScript\" src=\"zam_items_das.js\"></script>";
  
 if ($qry['role_code']=="DAS")  {
 echo "<script language=\"JavaScript\" src=\"zam_items_das.js\"></script>";
 }
 else if ($qry['role_code']=="DPC")
 {
 echo "<script language=\"JavaScript\" src=\"zam_items_dpc.js\"></script>";
 }
 else if ($qry['role_code']=="ACS")
 {
 echo "<script language=\"JavaScript\" src=\"zam_items_ACS.js\"></script>";
 }
  else if ($qry['role_code']=="ACP")
 {
 echo "<script language=\"JavaScript\" src=\"zam_items_ACP.js\"></script>";
 }
  else if ($qry['role_code']=="ACX")
 {
 echo "<script language=\"JavaScript\" src=\"zam_items_ACX.js\"></script>";
 }
 else if ($qry['role_code']=="ADM")
 echo "<script language=\"JavaScript\" src=\"zam_items_adm.js\"></script>";
?>
<table cellpadding="50" cellspacing="0" border="8" width="80%" style="background-color:white;position:absolute;top:180px;left:80px;">
<tr>
	<td>
	<script language="JavaScript">

	<!--//
		new tree (TREE_ITEMS, TREE_TPL);

	//-->
	</script>
	</td>
</tr>
</table>


<?

echo "<div class=\"loginas\">";
echo "<p>Welcome <br>$valid_user<br>($g_area)</p>";
echo "<div>";
ob_end_flush();
?>

Select allOpen in new window

but I still get this problem

Hello, Sorry for my reply is being late.
Did you copy "register_globals = On" from php.ini-dist to php.ini?
If not, please copy and let me know if still has problem.

I've just put such line into file

C:\AppServ\php5\php.ini

and then have re-started httpd but I've still got the same problem as currently shown in above.

You did not make the edits to login_menu.php as I instructed. Specifically lines 14 and 15.

<?php
//...
//...
error_reporting(E_ALL);
ini_set('display_errors','on');
require_once("login_fns.php");
require_once("..\lib\db_fns.php");

ob_start();
session_start();
if (isset($_SESSION['username']) && isset($_SESSION['passwd']) )
// they have just tried logging in
{
	$username = $_SESSION['username'];
	$passwd = $_SESSION['passwd'];
...

Select allOpen in new window

Many thanks. I have

<?
//...
//...
error_reporting(E_ALL);
ini_set('display_errors','on');
require_once("login_fns.php");
require_once("..\lib\db_fns.php");

ob_start();
session_start();
//if ($username && $passwd)
//if (session_is_registered("username") && session_is_registered("passwd") )
if (isset($_SESSION['username']) && isset($_SESSION['passwd']) )
// they have just tried logging in
{
	$username = $_SESSION['username'];
	$passwd = $_SESSION['passwd'];
...

Select allOpen in new window

but on last line in above, I still get empty username.

I think we are muddying the water here. In his previous question we attempted to discover where $username and $passwd were being set - they were not being defined anywhere which was identified as a problem - at the time register_globals was not on the radar - so there was a piece missing.
As a result of this, and based on our recommendations, the asker appears to have declared the two variables and initialised them to empty strings. It is possible that this is wiping out the registered versions of the variables coming in from the form.

While we all agree that dependence on deprecated features is not the way to go - the asker has a situation where he is porting code from one server to another. Right or wrong the code is a currently production (working) code base - that is simply being moved. As per accepted change control procedures rewriting code as part of a code move is not a great idea.

My recommendation then is
a) Make a fresh copy of the code base from the working server
b) Make sure register_globals=on in the PHP.INI file on the new server
c) Test the login process

Once working - the next step would be for the asker to initiate a project on his side to upgrade the code base - if it is something deemed necessary by his organisation.

Julian,
Can I know why my current codes in above, are not working as expected?

Have you modified the original code from the working server - or is the code that is on the new server an exact copy?

Yes, the current PHP files are exactly copies from working server.

Why aren't the current codes I've shown in above, working as expected?

Here is login.php

<?
 //global $username, $passwd;
 //$username='';
 //$passwd='';
 //session_register("username","passwd");
 require_once("login_fns.php");

 do_html_header("Login");

 display_site_info(); 
 display_login_form();

 do_html_footer();
 //$_SESSION['username'] = $username;
 //$_SESSION['passwd'] = $passwd;
?>

Select allOpen in new window

and login_menu.php

<?
error_reporting(E_ALL);
ini_set('display_errors','on');
require_once("login_fns.php");
require_once("..\lib\db_fns.php");

ob_start();
session_start();
if ($username && $passwd)
//if (session_is_registered("username") && session_is_registered("passwd") )
//if (isset($_SESSION['username']) && isset($_SESSION['passwd']) )
// they have just tried logging in
{
	//$username = $_SESSION['username'];
	//$passwd = $_SESSION['passwd'];
      echo "DEBUG: iii User name = {$username}<br/>";
      echo "DEBUG: iii passwd = {$passwd}<br/>";
    if (login($username, $passwd))
    {
      echo "DEBUG: dddValid User = jjj<br/>";
      // if they are in the database register the user id
      $valid_user = $username;
      echo "DEBUG: Valid User = {$valid_user}<br/>";
      session_register("valid_user");
	  $conn = df_conn();
	  $sql="select top 1 principal from user_acct where username='$username'";
	  $rst = odbc_exec($conn,$sql);
	  $qry = odbc_fetch_array($rst);
	  $pri=$qry[principal];
      session_register("pri");
	  $sql="select top 1 territory from user_acct where username='$username'";
	  $rst = odbc_exec($conn,$sql);
	  $qry = odbc_fetch_array($rst);
	  $g_area=$qry[territory];
	  session_register("g_area");
	  $g_multiarea = str_replace(",", chr(13), $g_area);
	  session_register("g_multiarea");
    }  
    else
    {
      // unsuccessful login
      do_html_header("Problem:");
      echo "You could not be logged in. 
            You must be logged in to view this page.";
      do_html_url("login.php", "Login");
      do_html_footer();
      exit;
    }      
}

check_valid_user();
setcookie("username", $username);
?>

<head>
<title>Zimnet A4 Menu</title>
</head>
<link rel="stylesheet" href="../styles.css" type="text/css">
<body style="background-color:white;">

<table width="100%"  border="0" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
  <tr> 
    <td height="21" bgcolor="#495e83"></td>
    <td height="21" bgcolor="#495e83"></td>
  </tr>
  <tr> 
    <td height="120" align="left" valign="middle" bgcolor="#FFFFFF"> <img alt="" src="../images/company_name.gif" width="368" height="110"> 
    </td>
    <td align="right" width="287"><img alt="" src="../images/header_graphic.jpg" width="287" height="119"></td>
  </tr>
  <tr> 
    <td height="35" valign="middle" bgcolor="#495e83"> &nbsp; &nbsp; &nbsp; </td>
    <td bgcolor="#495e83"></td>
  </tr>
  <tr>
    <td height="1"><img alt="" src="../images/spacer.gif" width="1" height="1"></td>
    <td height="1"><img alt="" src="../images/spacer.gif" width="1" height="1"></td>
  </tr>
  <tr background="../images/links_bot_fill.gif">
    <td height="30">&nbsp;</td>
    <td>&nbsp;</td>
  </tr>
</table>

<img src="../images/RightImage1570.jpg" alt="" name="zimpic1" width="112" height="533" align="right">
<script language="JavaScript" src="zam.js"></script>
<?
  $conn = df_conn();
  $sql="select top 10000 * from user_role where username='$username'";
  $rst = odbc_exec($conn,$sql);
  $qry = odbc_fetch_array($rst);
  echo "<script language=\"JavaScript\" src=\"zam_items_das.js\"></script>";
  
 if ($qry['role_code']=="DAS")  {
 echo "<script language=\"JavaScript\" src=\"zam_items_das.js\"></script>";
 }
 else if ($qry['role_code']=="DPC")
 {
 echo "<script language=\"JavaScript\" src=\"zam_items_dpc.js\"></script>";
 }
 else if ($qry['role_code']=="ACS")
 {
 echo "<script language=\"JavaScript\" src=\"zam_items_ACS.js\"></script>";
 }
  else if ($qry['role_code']=="ACP")
 {
 echo "<script language=\"JavaScript\" src=\"zam_items_ACP.js\"></script>";
 }
  else if ($qry['role_code']=="ACX")
 {
 echo "<script language=\"JavaScript\" src=\"zam_items_ACX.js\"></script>";
 }
 else if ($qry['role_code']=="ADM")
 echo "<script language=\"JavaScript\" src=\"zam_items_adm.js\"></script>";
?>
<table cellpadding="50" cellspacing="0" border="8" width="80%" style="background-color:white;position:absolute;top:180px;left:80px;">
<tr>
	<td>
	<script language="JavaScript">

	<!--//
		new tree (TREE_ITEMS, TREE_TPL);

	//-->
	</script>
	</td>
</tr>
</table>


<?

echo "<div class=\"loginas\">";
echo "<p>Welcome <br>$valid_user<br>($g_area)</p>";
echo "<div>";
ob_end_flush();
?>

Select allOpen in new window

I still get

Notice: Undefined variable: username in D:\edi\Zim_GlobalDA\adm\login_menu.php on line 9

You must be logged in to view this page.

You are not logged in.

I get this

A php.ini file is not loaded

when running your php file. I appreciate you a lot!

@HuaMinChen: PHP Register_Globals  is, and has always been, a bad idea and a dangerous practice.  Don't even think about using it.  Dependency Injection is the correct approach.
https://www.experts-exchange.com/articles/7317/Register-Globals-a-bad-idea-from-day-one.html

PHP 5.2 is obsolete, and has been obsolete for years.  Do not use PHP 5.2.  Do not listen to people who tell you to use PHP 5.2.  Instead, look at the upper right corner of http://php.net and choose one of the currently supported versions of PHP.  Download and install one of the current versions of PHP.

From this and some of your other questions it sounds like you may have "jumped into the deep end" of the PHP swimming pool and you could use a life raft.  There are many good learning resources for PHP, gathered into this article.  If you have a depth of experience in other computer science topics, you can skip over some of this.  But at least it will give you a chance to learn enough of the basics that you will be able to make your way forward in PHP.  More importantly, it will help you avoid the many terrible, dangerous, and outdated PHP examples that litter the internet!
https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html

Couple of other ideas, too.  You may want to refer back to this comment.  And you may want to consider using E-E Gigs to get some hands-on help from an expert.

Best of luck with your learning adventures! ~Ray