Processing Problem Related to "Hardened" PHP Environment

karwacki · December 22, 2010

My local IT department is migrating to a "hardened" LAMP/PHP environment. The PHP application at http://library.uww.edu/php/showrp.php is being moved to this new "hardened" environment and the "Title/Subject/Issue:" search option does not work in this environment.

The "Title/Subject/Issue:" search option does however work within the "non-hardened" environment at http://library.uww.edu/php/showrp.php.

Attached is the source code for the showrp.php.

What is likely causing the failure of the "Title/Subject/Issue:" search option.

[attachment deleted by admin]

BlueSkyIS · December 22, 2010

we need more than "does not work". what doesn't work? are there any errors? what happens?

karwacki · December 30, 2010

I have attached the error report.

From PHP 5.0.3 and after, predefined arrays such HTTP_GET_VARS are disabled by default. My IT department will NOT change the value of the "register_long_arrays" setting to "On" (due to performance issues). The IT department suggested a search-n-replace to change “$HTTP_GET_VARS” with “$_GET” or “$HTTP_POST_VARS” with “$_POST.” This did not work.

So the problem has been re-defined as the need to change how HTTP_GET_VARS and HTTP_POST_VARS are being handled (as shared in the original source code). Any ideas?

[attachment deleted by admin]

Pikachu2000 · December 30, 2010

Best guess without seeing the code would be that register_globals was also on in the old environment. Thus, as a result of it not being on in the new environment, none of the variables derived from POST and GET are assigned values any longer.

karwacki · December 30, 2010

The source code was an attachment to my first e-mail message and I have pasted it below as well.

<?php
   @ require ("xx.xxx.php");
    
   $limit = 50;
   $pageLimit = 20;
   $t = "    ";
   $CLASS = 'lib';
   $defineArt = 'Title';
    
   if (!$page = $HTTP_GET_VARS

) {
      $page = 1;
   }
   $start = ($page - 1) * $limit;
    
   $title = htmlspecialchars($HTTP_GET_VARS[title]);
   $cleantitle = stripslashes($title);
   $name = htmlspecialchars($HTTP_GET_VARS[nom]);
   $cleanname = stripslashes($name);
   $browse = htmlspecialchars($HTTP_GET_VARS[browse]);
    
   //  (roles Author Compiler Illustrator Photographer Subject VIP) use.
   $descrip = array("a" => "Illustrations", "b" => "Photographs", "c" => "Portraits", "d" => "Maps", "e" => "Charts", "f" => "Music", "g" => "Forms", "h" => "Facsimiles", "i" => "Plans", "j" => "GenealTables", "k" => "Samples");
    
   // OPEN MYSQL CONNECTION
    
   $conn = mysql_connect($host, $user, $pass);
   mysql_select_db($db, $conn);
    
   // ARRAY DISTINCT DECADES YEARS MONTHS DAYS
    
   $year_q = @ mysql_query("select distinct YMD from xxxxxxxx1 order by YMD");
   while ($rw = mysql_fetch_row($year_q)) {
      $ymd[] = $rw[0];
   }
   foreach($ymd as $y_m_d) {
      list($y, $m, $d) = split("-", $y_m_d);
      $de = substr($y, 0, 3);
      $dec_yr_mon_day[$de][$y][$m][] = $d;
   }
    
   //PAGE TITLE
    
   $page_title = "Royal Purple Index: ";
    
   if ($title || $name) {
      $page_title .= "Search(";
      if ($title) {
         $page_title .= " $cleantitle";
      }
      if ($name) {
         $page_title .= " $cleanname";
      }
      $page_title .= " )";
   }
   else if ($browse) {
      if (strlen($browse) == 3) {
         $page_title .= $browse.'0s';
      } else {
         $page_title .= $browse;
      }
   } else {
      $page_title .= substr(end($ymd), 0, 3).'0s ';
   }
   $page_title .= " / Page $page";
    
    
   $WHERE = "";
    
   if ($title) {
      $WHERE = "WHERE (xxxxxxxx1.ArticleTitle LIKE '";
      if ($HTTP_GET_VARS[stype] != "^") {
         $WHERE .= "%";
      }
      $WHERE .= "$title%' OR xxxxxxxx1.ArticleSubtitle LIKE '%$title%'  OR xxxxxxxx1.Subject1 LIKE '%$title%' OR xxxxxxxx1.Subject2 LIKE '%$title%' OR xxxxxxxx1.Subject3 LIKE '%$title%' OR xxxxxxxx1.YMD LIKE '%$title%' OR xxxxxxxx1.Notes LIKE '%$title%')";
   }
   if ($name) {
      $name = trim($name," .\n");
      $name = preg_replace("/[\s,\.]+/",',',$name);
      list($Lname,$Fname,$Mname) = split("[,. ]", $name);
      $Lname=trim($Lname);
       
      if ($WHERE != "") {
         $WHERE .= " AND xxxxxxx2.LastName LIKE '";
      } else {
         $WHERE = "WHERE xxxxxxx2.LastName LIKE '";
      }
       
      $WHERE = "INNER JOIN xxxxxxx2 USING(ID) ".$WHERE;
       
      if ($_GET[role] == "r") {
         $more = "(xxxxxxx2.Role LIKE '%Subject%' OR xxxxxxx2.Role LIKE '%VIP%')";
      } else {
         $more = "xxxxxxx2.Role NOT LIKE '%Subject%' AND xxxxxxx2.Role NOT LIKE '%VIP%'";
      }
      if ($Mname) {
         $Mname = trim($Mname);
         $Fname = trim($Fname);
         $WHERE .= "$Lname%' AND xxxxxxx2.FirstName LIKE '$Fname%' AND xxxxxxx2.MIddleInitial LIKE '$Mname%' AND $more";
      } else if ($Fname) {
         $Fname = trim($Fname);
         $WHERE .= "$Lname%' AND xxxxxxx2.FirstName LIKE '$Fname%' AND $more";
      } else {
         $WHERE .= "$Lname%' AND $more";
      }
   }
    
    
   if ($title == '' && $name == '' && $browse == '') {
      $browse = substr(end($ymd), 0, 3);
   }
   if ($browse != "") {
      $WHERE = "WHERE xxxxxxxx1.YMD ";
      $WHERE .= "LIKE '$browse%'";
   }
//   else if ($title == '' && $name == '' && $browse == '') {
//      $browse = substr(end($ymd), 0, 3);
//   }
    
    
   $WHERE .= " ORDER BY xxxxxxxx1.YMD DESC, xxxxxxxx1.ArticleTitle ASC";
    
   $role_value = "";
   if ($HTTP_GET_VARS[role] == "r") {
      $role_value = "checked='checked' ";
   }
    
   $main_content = <<< EOF


<!-- BEGIN MAIN CONTENT HERE  -->
<div><!--BEGIN xxxxxx4 -->
<form method="get" name="search" id="search_x" action="<?php echo $PHP_SELF;?>">
<table style="margin-left: auto; margin-right: auto;">
<tr>
<td>
<label for="title" accesskey="T">Title/Subject/Issue: </label>
<input type="text" size="40" name="title" id="title" value="$cleantitle" />
</td>
<td>
<label for="nom" accesskey="A">Name: </label>
<input type="text" size="40" name="nom" id="nom" value="$cleanname" />
</td>
</tr>

<tr>
<td>
Issue:  YYYY-MM-DD numeric date format 
</td>
<td>
Name: Lastname, Firstname. Default as Author, Photographer, Illustrator, etc.
</td>
</tr>
<tr>
<td>
</td>
<td>
<label for="role">as Subject: </label>
<input type="checkbox" name="role" id="role" value="r" $role_value />
</td>
</tr>
<tr>
<td colspan="2" style="text-align: right; padding-right: 5em;"><input type="submit" value="search" /><input type="button" value="Reset" onclick="clearAll()" />
</td>
</tr>
</table>
</form>
<h1>Royal Purple Index: Electronic & Print</h1>
EOF;



$decadeYear = buildNav($browse,$dec_yr_mon_day);
$main_content .='<div id="info"><h4><a href="http://www.royalpurplenews.com">Most current issue of Royal Purple</a></h4></div>';
$main_content .='<div id="RPresults">';
$main_content .=$decadeYear;



if ($WHERE != "") {
   $query = "SELECT DISTINCT 
   xxxxxxxx1.ID,
   xxxxxxxx1.ArticleTitle,
   xxxxxxxx1.ArticleSubtitle,
   xxxxxxxx1.Volume,
   xxxxxxxx1.Issue,
   xxxxxxxx1.YMD,
   xxxxxxxx1.SectionTitle,
   xxxxxxxx1.Pages,
   xxxxxxxx1.Descr,
   xxxxxxxx1.Subject1,
   xxxxxxxx1.Subject2,
   xxxxxxxx1.Subject3,
   xxxxxxxx1.Notes
   FROM xxxxxxxx1 $WHERE";

   //H2RESULTS

   if ($HTTP_GET_VARS[showall] != "true") {
       $query .= " LIMIT $start,$limit";
   } else {$start = '0';}
   
   $result = @ mysql_query($query);

   $date =  mysql_result(mysql_query("SELECT Last FROM xxxxxxx3 WHERE ID = '1'"), 0);
   $totalCount = @ mysql_result(mysql_query("SELECT COUNT(DISTINCT xxxxxxxx1.ID) FROM xxxxxxxx1 $WHERE"), 0);
   $count = @ mysql_num_rows($result);

   if ($HTTP_GET_VARS[showall] == "true") {
      $page_title = substr($page_title,0,strrpos($page_title,"/")+2);
      $page_title .=$totalCount." Results";
   }

   if($totalCount < $count) {$count = $totalCount;}   
   if ($count != 0) {
      if ($title || $name) {
      $h2results = "<h2>Results (".($start + 1)."-".($start + $count)." of $totalCount) <br /> for ";
         if ($title) {
            $h2results .= " Title: <i>$cleantitle</i>";
         }
         if ($name) {
            $h2results .= " Name: <i>$cleanname</i>";
         }
         $h2results .= "</h2>";
      }
      else {
         $h2results = "<h1>";
      $h2results = "<h2>Results (".($start + 1)."-".($start + $count)." of $totalCount) <br /> for ";

            if(strlen($browse) == 3) {$h2results .= $browse.'0s';} 
            else {$h2results .=$browse;}

         $h2results .= "</h2>";
      }
      $out=$h2results.'</div><!-- navbar -->';

   //SHOWALLFORM

   if ($totalCount >= $limit && $HTTP_GET_VARS[showall] != "true") {

      if(strlen($browse) != 3) {
         $showallform = "<div id=\"showallform\"><form method='get' action='".$_SERVER['PHP_SELF']."' style='padding: 0; margin: 0;'>Result pages (".(ceil($totalCount / $limit))."): ";
         foreach (array_keys($HTTP_GET_VARS) as $tmpArray) {
            $showallform .= "<input type='hidden' name='$tmpArray' value='".$HTTP_GET_VARS[$tmpArray]."' />";         
         } // foreach array_keys
         $showallform .= "<input type='hidden' id='sum' name='sum' value=".$totalCount." /><input type='hidden' name='showall' value='true' /><input id='submitall' type='submit' value='Show all' /></form>";
         }
         elseif(strlen($browse) == 3) {
         $showallform = "<div id=\"showallform\">Result pages (".(ceil($totalCount / $limit))."): <br />";
         }
         
         if ($page <= 1) { 
            $pageStart= 0;
         }
         else {
            $showallform .= buildLink($page - 1, "Previous")." | ";
         }
         $pageStart = $page - ($pageLimit / 2) - 1;
         if ($pageStart < 1) { $pageStart = 0; };
      
         for ($i = $pageStart; $i < ($page + ($pageLimit / 2) - 5) && $i * $limit < $totalCount; $i++) {
            if ($i != $pageStart) {
               $showallform .= " | ";
            }
            if ($page != ($i + 1)) { 
               $showallform .= buildLink($i + 1);
            }
            else { $showallform .= "<strong>".($i + 1)."</strong>"; }
         } //for $i
         
         if ($page * $limit < $totalCount) {
            $showallform .= " | ".buildLink($page + 1, "Next");
         }
         $showallform .= "</div><!-- showallform -->";
   } // if $totalCount
   $out .= $showallform."<br />";  

   //TABLE

      $out .= "\n<table id='rparts' cellspacing='0' border='1' summary =' '><tr><th style='width: 50%'>RP Article</th><th><div id='lft'>Subjects/Names</div><div id='rte'>*=important</div></th></tr>\n";
      $lastrpID="";
      while ($row = mysql_fetch_row($result)) {
         $ID = $row[0];

         if($ID != $lastrpID) {              
         $ArticleTitle = $row[1];
         $ArticleSubtitle = $row[2];
         $Volume = trim($row[3]);
         $Issue = trim($row[4]);
         $YMD = $row[5];
         $SectionTitle = $row[6];
         $Pages = $row[7];
         $Descr = trim($row[8]);
         $Subject1 = trim($row[9]);
         $Subject2 = trim($row[10]);
         $Subject3 = trim($row[11]);
         $Notes = trim($row[12]);
         
         $span = "";
         if(!$SectionTitle) {$SectionTitle='';$slash="";} else {$slash=' / ';}

         $out .= " <tr ><td><dl><dt>$defineArt</dt><dd>$ArticleTitle";
         if ($ArticleSubtitle) { $out .= " ($ArticleSubtitle)"; } 
         $out .='</dd>';
         $out .= "<dt>Royal Purple $YMD</dt>";

         //want to insert authors here
      
         $p1query = "SELECT * FROM xxxxxxx2 WHERE ID='$ID' and Role not like upper('%Subject%') and Role not like upper('%VIP%') order by LastName";
         $p1result = mysql_query($p1query);

//         // 0 ID; 1 LastName; 2 FirstName; 3 MiddleInitial; 4 NickName; 5 Role
//
//         while ($p1row = mysql_fetch_row($p1result)) {
//            $P1LastName = trim($p1row[1]);
//            if ($p1row[2] != "") {
//               $P1LastName .=", $p1row[2] $p1rowp[3]  $p1row[5]";
//            } 
//            else {
//            $P1LastName .= "  $p1row[5]";
//            }
//         $out .= "<dd>$P1LastName</dd>";
//         } //while $p1row
//

         // 0 ID; 1 LastName; 2 FirstName; 3 MiddleInitial; 4 NickName; 5 Role

         while ($p1row = mysql_fetch_row($p1result)) {
            $P1LastName = "$p1row[5]  ".trim($p1row[1]);
            if ($p1row[3] != '') {
               $P1LastName .= ", $p1row[2] $p1row[3]";
            }   
            else if ($p1row[2] != "") {
               $P1LastName .= ", $p1row[2]";
            } else {
               $P1LastName .= "";
            }
            $out .= "<dd>$P1LastName</dd>";
         } //While $p1row

         if ($Volume) { $out .= "<dd>vol. $Volume";}
         if ($Issue) { $out .= ", issue $Issue";}
         if ($Volume || $Issue) {$out .= "</dd>";}
         if ($Pages) { $out .= "<dd>Page $Pages$slash$SectionTitle</dd>";}

         if ($Descr) {
            $subdesc = preg_split('//', $Descr, -1, PREG_SPLIT_NO_EMPTY);  
               $out .= "<dd>";
               foreach ($subdesc as $val) {
                  $out .= "$descrip[$val]. ";
                     }
               $out .="</dd>";
            }
         if ($Notes) {$out .= "<dt>Note</dt><dd>$Notes</dd>";}

         $out .= "</dl></td><td>\n";

         if ($Subject1) {$br ='<br />';} else {$br='';}
         if ($Subject1) {$out .= "<dl><dt>Subjects:</dt><dd><ol><li>$Subject1</li>";}
         if ($Subject2) {$out .= "<li>$Subject2</li>";}
         if ($Subject3) {$out .= "<li>$Subject3</li>";}

         $pquery = "SELECT DISTINCT * FROM xxxxxxx2 WHERE ID='$ID' and (Role like upper('%Subject%') or Role like upper('%VIP%')) order by LastName";
         $presult = mysql_query($pquery);
         $lastID = "";

//         while ($prow = mysql_fetch_row($presult)) {
//            $PLastName = trim($prow[1]);
//            if ($prow[2] != "") {
//               $PLastName .=", $prow[2]";
//            } 
//
//            $PID = $prow[0];
//            if ($lastID != $PID) {
//               if ($lastID != "") { $out .= "</ol></dd></dl></td></tr><tr >\n"; }
//               $vip=trim($prow[5]);
//               if($vip !='VIP') {$vip="";} else {$vip="*";}
//               $out .= "</ol></dd><dt>Names as Subject:</dt><dd><ol><li>$PLastName$vip</li>";
//            }
//
//            else { $out .= "<li>$PLastName$vip</li>"; }
//
//            $lastID = $PID;
//
//         } //while $prow
//

         while ($prow = mysql_fetch_row($presult)) {
            $PLastName = trim($prow[1]);
            if ($prow[3] != "") {
               $PLastName .= ", $prow[2] $prow[3]";
            }
            else if ($prow[2] != "") {
               $PLastName .= ", $prow[2]";
            }
            $PID = $prow[0];
            if ($lastID != $PID) {
               if ($lastID != "") {
                  $out .= "</ol></dd></dl></td></tr><tr >\n";
               }
               $vip = trim($prow[5]);
               if ($vip != 'VIP') {
                  $vip = "";
               } else {
                  $vip = "*";
                  $PLastName = trim($PLastName);
               }
               $out .= "</ol></dd><dt>Names as Subject:</dt><dd><ol><li>$PLastName$vip</li>";
               }
             
               else
               {
                  $out .= "<li>$PLastName$vip</li>";
               }
                   
            $lastID = $PID;
                   
         } //while $prow

         $out .= "</ol></dd></dl></td>\n </tr>\n";

         } //if $ID
         $lastrpID = $ID;

      } //while $row
      $out .= "</table><br />";

      //SHOWALLFORMB, H2RESULTS, NAVBARB:decadeYear, 

      $showallform = str_replace("showallform","showallformB",$showallform);
      $showallform .= $h2results;
      $out .= $showallform;
      $search=array('navbar','decade','year','month','day','myform');
      $replace=array('navbarB','decadeB','yearB','monthB','dayB','myformB');
      $decadeYear = str_replace($search,$replace,$decadeYear);
      $decadeYear .='</div><!-- navbarB --><br />';
      $out .= $decadeYear;
   } // if $count!=0
   else {
      $out .= "<br /><span id='big'>No records found</span></div><!-- navbar -->";
   }
} // if WHERE
else {
   $out .= "<br /><span id='big'>No records found</span></div><!--navbar -->";
}

$main_content .= $out."</div><!-- end of rpResults -->";
include('rp.tmpl.php');

function buildLink($linkPage, $title="") {
   if ($title == "") { $title = $linkPage; }
   global $HTTP_GET_VARS;
   if ($title == "") { $title = $linkPage; }
   $lReturn = "<a href='xxxxxx4.php?"; 
   foreach (array_keys($HTTP_GET_VARS) as $tmpArray) {
      if ($tmpArray != "page") {
         $lReturn .= "$tmpArray=$HTTP_GET_VARS[$tmpArray]&";         
      }
   }
   if ($title == "(Show All)") {
      $lReturn .= "showall=true";
   }
   else {
      $lReturn .= "page=$linkPage";
   }
   $lReturn .= "'>$title</a>"; 
   return $lReturn;

}


function buildNav($browse,$dec_yr_mon_day) {

$startselect1 = '<div id="navbar"><form action="xxxxxx4.php" method="get" id="myform" name="myform">Decade:  <select name="decade" id="decade">';
$startselect2 ="  Year:  <select name=\"year\" id=\"year\">";
$startselect3 ="  Month:  <select name=\"month\" id=\"month\">";
$startselect4 ="  Day:  <select name=\"day\" id=\"day\">";         
$endselect1 = '</select>';
$endselect2 = '</select>';
$endselect3 = '</select>';
$endselect4 = '</select>';
$endform = '</form>';

$ddd=array_keys($dec_yr_mon_day);
$yy='';
$mm='';
$dd='';
$all_select_yy='All';
$all_select_mm='All';
$all_select_dd='All';

switch (strlen($browse) ) {

case 0:
$end_ddd='';

break;

case 3:
//DDD  DECADE
$end_ddd=$browse;

$all_select_yy='Select';
$yy=array_keys($dec_yr_mon_day[$end_ddd]);
$end_yy=end($yy); 


break;

case 4:
//YYYY  YEAR
$end_ddd=substr($browse,0,3);
$end_yy=$browse;
$all_select_mm='Select';

$yy=array_keys($dec_yr_mon_day[$end_ddd]);
$mm =array_keys($dec_yr_mon_day[$end_ddd][$end_yy]);
$end_mm = end($mm);


break;

case 7:
//YYYY-MM  MONTH
list($end_yy,$end_mm)=split('-',$browse);
$end_ddd=substr($end_yy,0,3);

$all_select_dd='Select';
$yy=array_keys($dec_yr_mon_day[$end_ddd]);
$mm =array_keys($dec_yr_mon_day[$end_ddd][$end_yy]);
$dd=$dec_yr_mon_day[$end_ddd][$end_yy][$end_mm];
$end_dd=end($dd); 

break;

case 10:
//YYYY-MM-DD  DAY
list($end_yy,$end_mm,$end_dd)=split('-',$browse);
$end_ddd=substr($end_yy,0,3);

$all_select_dd='All';
$yy=array_keys($dec_yr_mon_day[$end_ddd]);
$mm=array_keys($dec_yr_mon_day[$end_ddd][$end_yy]);
$dd=$dec_yr_mon_day[$end_ddd][$end_yy][$end_mm];

break;
}

$all_ddd='<option value="'.end($ddd).'">Select</option>';
$all_yy='<option value="'.$end_ddd.'">'.$all_select_yy.'</option>';
$all_mm='<option value="'.$end_yy.'">'.$all_select_mm.'</option>';
$all_dd='<option value="'.$end_yy.'-'.$end_mm.'">'.$all_select_dd.'</option>';

if($ddd) {
foreach($ddd as $dec){
   $select1 .= '<option value="'.$dec.'" '.($end_ddd==$dec?'selected="selected"':null).'>'.$dec.'0s'.'</option>';
   if($end_ddd==$dec) {
      $all_ddd='';
      } 
      
}
}
if(!$yy) {
   $all_yy='';
   $startselect2='';
   $endselect2='';
   $select2 ='  Years:  <input type="text" name="year" id="year" size="3" value="All" readonly="readonly" />';
} else {
foreach($yy as $yr) {
   $select2 .= '<option value="'.$yr.'" '.($browse==$yr?'selected="selected"':null).'>'.$yr.'</option>';
   if(count($yy) == 1) {
      $browse=$yr;
      $mm =array_keys($dec_yr_mon_day[$end_ddd][$end_yy]);
      $end_mm = end($mm);
      $all_yy='';
      $startselect2='';
      $endselect2='';
      $select2 ='  Year:  <input type="text" name="year" id="year" size="4" value="'.$yr.'" readonly="readonly" />';
      } 

}
}
if(!$mm) {
   $all_mm='';
   $startselect3='';
   $endselect3='';
   $select3 ='  Months:  <input type="text" name="month" id="month" size="3" value="All" readonly="readonly" />';
} else {
foreach($mm as $mon) {
   $check=$browse;
   if(strlen($browse)>7) {$check=$end_yy.'-'.$end_mm;}
   $select3 .= '<option value="'.$end_yy.'-'.$mon.'" '.($check==$end_yy.'-'.$mon?'selected="selected"':null).'>'.$mon.'</option>';
   if(count($mm) == 1) {
      $dd =$dec_yr_mon_day[$end_ddd][$end_yy][$end_mm];
      $end_dd=end($dd);
      $all_mm='';
      $all_dd='<option value="'.$end_yy.'-'.$end_mm.'">Select</option>';
      $startselect3='';
      $endselect3='';
      $select3 ='  Month:  <input type="text" name="month" id="month" size="2" value="'.$mon.'" readonly="readonly" />';
      } 
}
}
if(!$dd) {
   $all_dd='';
   $startselect4='';
   $endselect4='';
   $select4 ='  Days:  <input type="text" name="day" id="day" size="3" value="All" readonly="readonly" />';
} else {
foreach($dd as $day) {
   $select4 .= '<option value="'.$end_yy.'-'.$end_mm.'-'.$day.'" '.($browse==$end_yy.'-'.$end_mm.'-'.$day?'selected="selected"':null).'>'.$day.'</option>';
   if(count($dd)==1) {
      $all_dd='';
      $startselect4='';
      $endselect4='';
      $select4 ='  Day:  <input type="text" name="day" id="day" size="2" value="'.$day.'" readonly="readonly" />';
   } else if(strlen($browse)==10){
      $all_dd='<option value="'.$end_yy.'-'.$end_mm.'">All</option>';
      }
}
}

$navbar.= $startselect1.$all_ddd.$select1.$endselect1;
$navbar.= $startselect2.$all_yy.$select2.$endselect2;
$navbar.= $startselect3.$all_mm.$select3.$endselect3;
$navbar.= $startselect4.$all_dd.$select4.$endselect4.$endform;

return($navbar);

}   

?>

MOD EDIT:

 . . .

tags added.

Pikachu2000 · December 30, 2010

What is the new set of errors you're getting?

karwacki · December 30, 2010

If I change change “$HTTP_GET_VARS” to “$_GET” and “$HTTP_POST_VARS” to “$_POST,” the notices and warnings are:

Notice: Undefined variable: GET in /xxx/www/xxxxxx/xxx/library/xxxxxxxxxxx/showrp.php on line 23

Notice: Undefined variable: GET in /xxx/www/xxxxxx/xxx/library/xxxxxxxxxxx/showrp.php on line 28

Notice: Undefined variable: GET in /xxx/www/xxxxxx/xxx/library/xxxxxxxxxxx/showrp.php on line 30

Notice: Undefined variable: GET in /xxx/www/xxxxxx/xxx/library/xxxxxxxxxxx/showrp.php on line 32

Notice: Undefined variable: GET in /xxx/www/xxxxxx/xxx/library/xxxxxxxxxxx/showrp.php on line 136

Notice: Undefined variable: PHP_SELF in /xxx/www/xxxxxx/xxx/library/xxxxxxxxxxx/showrp.php on line 150

Notice: Undefined variable: end_mm in /xxx/www/xxxxxx/xxx/library/xxxxxxxxxxx/showrp.php on line 564

Notice: Undefined variable: select1 in /xxx/www/xxxxxx/xxx/library/xxxxxxxxxxx/showrp.php on line 568

Notice: Undefined variable: select2 in /xxx/www/xxxxxx/xxx/library/xxxxxxxxxxx/showrp.php on line 582

Notice: Undefined variable: navbar in /xxx/www/xxxxxx/xxx/library/xxxxxxxxxxx/showrp.php on line 635

Notice: Undefined variable: GET in /xxx/www/xxxxxx/xxx/library/xxxxxxxxxxx/showrp.php on line 211

Notice: Undefined variable: GET in /xxx/www/xxxxxx/xxx/library/xxxxxxxxxxx/showrp.php on line 221

Notice: Undefined variable: GET in /xxx/www/xxxxxx/xxx/library/xxxxxxxxxxx/showrp.php on line 251

Warning: array_keys(): The first argument should be an array in /xxx/www/xxxxxx/xxx/library/xxxxxxxxxxx/showrp.php on line 467

Warning: Invalid argument supplied for foreach() in /xxx/www/xxxxxx/xxx/library/xxxxxxxxxxx/showrp.php on line 467