$_POST Question in PHP

Question

public function doLogin($username,$password) {

I am getting the username and password as arguements and not using POST method in my form which is in flex, its using remote object.

Now how shall i recieve it down in PHP without using the formal way.

if (isset($_POST['username']) && isset($_POST['password']))
     {
        $username= $_POST['username'];
        $password= $_POST['password'];

I did a test, and the below code works and now i need a better way to receive which is also secure.

if($username == "rishi" && $password == "indian" ) 
      {
       return 'yes';

      }
      else {
       return 'no';
      }

Answer 1

You could use phpinfo() to find out where your parameters go. It seems that register_globals might be enabled which is not advisable.

Answer 2

As far as I can tell from your question, your problem is this:

Your page is hit from Adobe Flash, and apparently not with a POST request as the code that you wrote expects. How do you get at the username and password that are passed in?

If the request is not a POST, it is most likely a GET. You can then simply get the username and password from the $_GET array, as follows:

if ($_GET["username"] == "monkey" && $_GET["password"] == "bar") {
    echo "Success!";
}
else {
    echo "Not allowed";
}

You shouldn't actually code it like this though; this is just to illustrate how to get arguments from the $_GET array. However, without more information about what exactly you're trying to achieve I cannot give you any further tips.

Note: if you want your code to work with both GET and POST requests, you can also read the parameters from the $_REQUEST array. Watch out though, as cookies also end up in this array and can produce unexpected results if they have the same name.