> However, both of these "solutions" create the same security issue that > turning RegisterGlobals on took care of in the first place. :)
Howcome? I don't think I understand that... Is the security issue not with the fact that you're POSTing og GETing variables rather than the way you do it? Would extract()'ing them with an include script not have the exact same (lack of) security as doing $_POST[myVar] in the script? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
