please help me fix a php sign in form?

It sounds like you were either using long arrays, which have been disabled by the upgrade (http://www.php.net/manual/en/ini.core.php#ini.register-long-arrays), or your script was relying upon http://php.net/manual/en/security.globals.php. To fix it (were it one of those issues), you'd need to migrate your code to use one of the http://www.php.net/manual/en/reserved.variables.php, depending on whether your form is using GET or POST.

I think you would need to understand the script to be able to fix it, sorry. A common thing would be that the way the script, which checks access, tries to get the users input does so in an old-fashioned way (what Smoosh Faced Lion has described). Can you post the scripts (1) generating the login page and (2) checking the input e.g. using http://www.friendpaste.com/? If you do, please check whether it includes e.g. a password to a database or other secret information. And of course in general providing source-code of a script allows others to find vulnerabilities.

I'm thinking it's related to Register Globals being depreciated (or disabled in php.ini). If it is you have two options:Update the script to reference variables properly. If the script references the username variable like $username and not like $_GET['username'] or $_POST['username'] change it to the appropriate $_GET or $_POST.You can enable the setting in php.ini (NOT RECOMMENDED)

Here's a http://friendpaste.com/59JoSblxHX5yadkg5jVKTd. Smoosh, if you'd be willing to look at it, I'll mefimail you the password (to the paste. Oxit, I mefi-mailed you. I really appreciate any help - this is a non-profit volunteer driven group and they don't have any programmers (any more). Just me. This is why we're getting the site re-designed.

The script tries to access username and password using the variable $HTTP_POST_VARS, which is http://php.net/manual/en/reserved.variables.post.php. Check line 143 and 145 of your Friendpaste script. Axismundi's comment is thus correct. However it most probably will not be enough to just change those two lines, because this way of accessing form input will be have been used throughout the application and in other files two. The code thus needs re-programming (refactoring) to be compatible with PHP5's standard settings. Alternatively, as axismundi's said, you can enable backwards-compatibility, which is http://www.php.net/manual/en/security.globals.php. Since your application will be replaced soon and if it does not contain sensitive information you might be ok to accept this risk. (Additional errors may still occur, I've only analysed up to this part).

Hi! Well, that form is working now - thanks so much! By looking at the deprecation info for $HTTP_POST_VARS I was able to replace the offending variables. If I run into the error elsewhere, at least now I'll know what to do. Thanks for the help - seriously, this was huge (because yes it will be replaced...eventually.)