Well, the $_GET['flag'] var will just be a character based flag but inside the if statement I'm planning on getting some few class to initiate but will not require using the $_GET['flag'].
Can an if statement be bypass if the $_GET['flag'] value is not escaped? Cheers, Jeff On Tuesday, August 28, 2012 9:45:16 PM UTC+12, David Neilsen wrote: > > It really depends on what else your doing with the request. > > > David Neilsen | 07 834 3366 | PANmedia ® > > > On Tue, Aug 28, 2012 at 9:41 PM, jeff <[email protected] > <javascript:>>wrote: > >> Hi David, >> >> Thank you for your reply. >> >> Does it make the system secure if a $_GET value is first escaped before >> used in an if statement? >> >> Kind Regards, >> Jeff >> >> >> On Tuesday, August 28, 2012 9:22:11 PM UTC+12, jeff wrote: >>> >>> Hi, >>> >>> Is make it more secure if a $_GET value is escaped on an if statement? >>> >>> ie. if( $_GET['flag']=='1' ) >>> >>> Cheers, >>> Jeff >>> >>> >>> -- >> NZ PHP Users Group: http://groups.google.com/group/nzphpug >> To post, send email to [email protected] <javascript:> >> To unsubscribe, send email to >> [email protected] <javascript:> >> > > -- NZ PHP Users Group: http://groups.google.com/group/nzphpug To post, send email to [email protected] To unsubscribe, send email to [email protected]
