[UPHPU] Form Help

Mac Newbold mac at macnewbold.com
Fri Jun 24 10:58:00 MDT 2005


Today at 10:34am, dataw0lf said:

> Daniel Stephenson wrote:
>> Or just use $_REQUEST to handle both.
>
> Nay.  Explicit > implicit, when dealing with something that has security
> implications.

I grant you that, in general, that is true. However, in this case, it 
makes no difference. You can't trust data in $_POST or $_COOKIE any more 
than you can trust data in $_GET, because they're _all_ sent from the user 
and are subject to the user sending you whatever they want.

Mac

--
Mac Newbold		MNE - Mac Newbold Enterprises, LLC
mac at macnewbold.com	http://www.macnewbold.com/



More information about the UPHPU mailing list