I recently "inheirited" a php site and I've learned that new versions of php set the register_globals directive in php.ini to off by default. This is a problem since all of the code in this site is written assuming that they register_globals is on, but it is off on the server I'm developing on.

My question is, is there a reason why I should switch all the pages over to using $_GET to extract the values from the query string rather than resetting register_globals?

If future versions of php are going to also set register_globals to off by default, that's an obvious reason to swtich, since the code will continue to break in the future, but I'm guessing some of the php experts here might have other reasons for me to choose one method over the other.

Yes, it is definitly better to not use register_globals. The reason that it has been turned off by default is mainy because using them introduces a lot of security concerns. Also, I'm fairly certain that now that they have been disabled by default, they will continue to remain so. You might be interested in reading this: http://us4.php.net/manual/en/security.registerglobals.php.

Thank you, I guessed there might be security concerns, I will be switching away from registered_globals then.

Good deal... :) It's also good for portability, as not all servers have register_globals enabled.