View Full Version : well....what am I doing wrong ?

c q
08-06-2002, 05:31 PM
U ppl really have to bear with me. I'm famous for making looots of stupid
Well, here's the latest.
Suppose I got a standard template called cbit.php, that,lets say looks


Ok, and I got another page, with some links. What I'm trying to do is to
pass the variable 'target' (which contains the requested filename) on to
cbit.php here's part of that code..
file : some.php

<a href='cbit.php?target="some_vague_file.php"'>Some Vague File</a>

I juss cant get why this doesn't work ! It keeps flashing err 'Use of
undefined constant target - assumed constant 'target' in E:/cbit/cbit.php
on line 43. Actually from what I understand, isn't $target supposed to
fetch the value too ?
But when I replaced the code with a simple print($HTTP_GET_VARS[target]);
still gave the same err, but also displayed the correct contents of that
variable. I even tried passing the absolute address using urlencode, but no

Suggestions ???


08-06-2002, 07:08 PM
Here is what I did:

file: aaa.php contents:
echo"here is aaa";

file: inc.php contents:

file links.php contents:
<a href="inc.php?inc_file=aaa.php">File aaa</a>

This seems to work, in your example I would try to change

I hope this helps,


Scott Pier
Amalla International
For all your Internet Needs

08-06-2002, 07:31 PM
security notes:

It is considered sensible to hardcode a partial path to the include files within the calling tag - this stops people exploring your documents remotely. ie, I could type in the url bar the following
"inc.php?inc_file=../../usr/pwd/password.txt" and if my script had guessed a filename I'd be reading your hidden files.

It also might be an idea to set a default value for $target


if($HTTP_GET_VARS) {extract($HTTP_GET_VARS); }
$path = '/subfolder/';
if(!isset($target) || $target=="") {$target = "home.php";}

as to the linking bit

echo '<a href="index.php?target='.$target.'">';

08-07-2002, 06:42 PM
your problem is really caused by the disabling of vars passed in the stream.

c q
08-08-2002, 09:40 AM
actually....I found that I juss had to set register globals 'on' in the php.ini file
now it works like magic :D

08-08-2002, 04:07 PM
That's a workaround, your initial problem comes from the use of an undefined constant as the key to retrieve a value from $HTTP_GET_VARS.

I suppose you have the error reporting set to E_ALL. Then you'll receive the particular error message you wrote any time you do


which is incorrect, correct form would be


See the difference? As to the where and why, it's all explained in much detail at http://se.php.net/manual/en/language.types.array.php#language.types.array.foo-bar .

Just in case you run into the same trouble again... you can't solve that generally by adjusting register_globals. ;)

c q
08-09-2002, 05:39 PM
heyyy many thanks...I never realised that...