The variables are

In versions of PHP prior to 4.2, the register_globals setting in php.ini was set to On

by default. This setting tells PHP to create automatically ordinary variables for all the

values supplied in the request. In the previous example, the $name = $_GET['name'];

line is completely unnecessary if the register_globals setting were set to On, since PHP

would do it automatically. Although the convenience of this feature was one aspect of

PHP that helped to make it such a popular language in the first place, novice developers

could easily leave security holes in sensitive scripts with it enabled.

For a full discussion of the issues surrounding register_globals, see my article Write

Secure Scripts with PHP 4.2!i at sitepoint.com.

You can pass more than one value in the query string. Let's look at a slightly

more complex version of the same example. Change the link in the HTML file

to read as follows (this is welcome2.html in the code archive):

<a href="welcome2.php?firstname=Kevin&lastname=Yank"> Hi,

I'm Kevin Yank! </a>

1Prior to PHP 4.1, this variable was called $HTTP_GET_VARS. This variable name remains in current

PHP versions for backwards compatibility. If your server has an older version of PHP installed, or if

you're writing a script that must be compatible with older versions, you should use $HTTP_GET_VARS

instead of $_GET.

ihttp://www.sitepoint.com/article.php/758

Getting Started with PHP

This time, we'll pass two variables: firstname and lastname. The variables are

separated in the query string by an ampersand (&). You can pass even more

variables by separating each name=value pair from the next with an ampersand.

As before, we can use the two variable values in our welcome.php file (this is

welcome2.php in the code archive):

<?php

$firstname = $_GET['firstname'];

$lastname = $_GET['lastname'];

echo( "Welcome to my Website, $firstname $lastname!" );

This is all well and good, but we still have yet to achieve our goal of true user

interaction, where the user can actually enter arbitrary information and have it

processed by PHP. To continue with our example of a personalized welcome

message, we'd like to allow the user to actually type his or her name and have it

appear in the message. To allow the user to type in a value, we'll need to use an

HTML form.

Here's the code (welcome3.html):

First Name: <input type="text" name="firstname" /><br />

Last Name: <input type="text" name="lastname" /><br />

</form>