Have been receiving occasional emails that people couldn’t get past the login screen of the simple contacts app that accompanied my web database development article for MacWorld. Turns out that some people have manually upgraded their version of PHP beyond 4.12, which Jaguar ships with.
Great, but the gotcha is that later versions of PHP have register_globals turned off by default. This is a bummer for development convenience (the transparency of variable access has been something I’ve loved about PHP) but essential for security — now you have to carefully specify where a variable is expected to have originated — cookie, url, get, post, etc.
The upshot is that if you upgrade PHP, you have two choices:
1) Override the new default by setting register_globals=on in /usr/lib/php.ini, or
I’ve updated the sample contacts database to accommodate installations with register_globals=off, which is the newer, shinier, safer way to do it.