Posted by no-1 on 10/15/84 11:44

is $us a "POST/GET" variable? Global_variables are turned OFF (as they
should be) and you should change the code to $_POST['us'] or use this
at the beginning of your script:

if (!empty($_GET))
{
extract($_GET);
}
else if (!empty($HTTP_GET_VARS))
{
extract($HTTP_GET_VARS);
}

if (!empty($_POST))
{
extract($_POST);
}
else if (!empty($HTTP_POST_VARS))
{
extract($HTTP_POST_VARS);
}


Using a database for your username/pwd, you need to be very careful to
make sure that the data received does not include sql-injection (sear
google for scripting that can help prevent it....)

[Back to original message]