[UPHPU] receiving with $_REQUEST

Ben Reece breece at doba.com
Thu Feb 28 14:57:22 MST 2008


> I agree with this point, the one's that Josh mentioned, and the those 
> covered on DoughBoy's blog (the link phpninja provided) regarding well 
> designed code and personally rarely ever use REQUEST. My sole reason 
> for starting this thread was to inquire about the security side of it.
>
The only security concern I have regarding GET vs. POST, is that GET is 
often written to web server logs, where POST is usually not.  If you're 
passing anything especially sensitive (e.g. credit card numbers), and 
you're using GET, you may need to make sure you web server logs are 
protected with the same level of security as anywhere else that same 
data is stored.


More information about the UPHPU mailing list