I wanted to attach one more point (esp. since this is an ecomm solution):
you should also check your POST variables (in addition to the GET variables)
to make sure they are clean and what is expected. It's not that hard to
change posted values.

Bobby

"Daniel J. Rychlik" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> PHP is, arguably, the better way to go when developing an ecomm solution.
> This list is full of very intelligent programmers that will help or direct
> you to the proper documentation.
> If you use $_GET you will be able to pass value pairs in the url.  Make sure
> that in your data check script that you specifically assign variables to
> your $_GET in order to prevent malicious use.  $HTTP_POST_VARS is probably a
> better way to go here.  It's cross-platform and will almost guarantee that
> you will be able to use on any server.
>
> $HTTP_POST_VARS['name'];
> $HTTP_POST_VARS['email'];
>
>
> Good Luck!
> -Dan
>
> ----- Original Message -----
> From: "Larry R. Sieting" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Friday, June 27, 2003 5:22 PM
> Subject: [PHP] Newbie and learning
>
>
> > Hello All,
> >
> > I have been reading and digesting information from this list for about
> > two weeks now.
> >
> > I am doing some work and testing (both) and learning php on the way.
> >
> > Now I have seen several replies about using $_GET[] and $_POST[] and that
> > if you ARE sending variables using the URL you _should_ use $_GET[]
> > whereas if you are _not_ passing variables in the URL you should use
> > $_POST[].
> >
> > Is this correct?  I just want to make sure I have it in my mind so that
> > when I start passing info via url I use the right method.  I ask this
> > because I have a friend that wants to have me setup an e-commerce site
> > for him.  I am trying to decide if I should use ASP (gasp) or PHP (yeah).
> > It will be a db driven site which will have images in the db and probably
> > multiple tables with inner and outer joins and search systems.
> >
> > Yes, I have the 4000+ (pdf) page manual on my system and refer to it and
> > read sections of it at a time (chunk).  And I hope that I will be able
> > to answer most of my own questions there or in other resources before I
> > have to submit to the list.
> >
> > Thanks.
> >
> > Larry R. Sieting
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> >
>
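
Added example (not part of the original thread, and not code from any of its posters): one way to apply the check described in the reply at the top, treating every posted field as untrusted and accepting only what the form is expected to send. Only the `name` and `email` fields come from the thread; the `sku` and `qty` fields, the catalogue and the function name are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical server-side catalogue (constructed): prices in cents, never read from the request.
const CATALOGUE = ['sku-100' => 1999, 'sku-200' => 4950];

// Validate a posted order form; returns [clean values, errors].
// Only 'name' and 'email' appear in the thread; 'sku' and 'qty' are assumed fields.
function validate_order(array $post): array
{
    $expected = ['name', 'email', 'sku', 'qty'];
    $errors = [];
    // Reject fields the form never had, e.g. a client-supplied "price".
    $extra = array_diff(array_keys($post), $expected);
    if ($extra) { $errors[] = 'unexpected fields: ' . implode(', ', $extra); }
    // Each expected field must be present and a plain string (name[]=x arrives as an array).
    foreach ($expected as $field) {
        if (!isset($post[$field]) || !is_string($post[$field])) {
            $errors[] = "missing or malformed field: $field";
        }
    }
    if ($errors) { return [[], $errors]; }

    $name = trim($post['name']);
    if (!preg_match('/^[\p{L} .\'-]{1,100}$/u', $name)) { $errors[] = 'invalid name'; }
    $email = filter_var(trim($post['email']), FILTER_VALIDATE_EMAIL);
    if ($email === false) { $errors[] = 'invalid email'; }
    $sku = $post['sku'];
    if (!array_key_exists($sku, CATALOGUE)) { $errors[] = 'unknown sku'; }
    $qty = filter_var($post['qty'], FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1, 'max_range' => 99]]);
    if ($qty === false) { $errors[] = 'invalid qty'; }
    if ($errors) { return [[], $errors]; }

    // The total is computed from the server's price, not from anything posted.
    return [compact('name', 'email', 'sku', 'qty') + ['total_cents' => CATALOGUE[$sku] * $qty], []];
}

// Constructed sample: a request whose body was edited to carry its own price field.
[$clean, $errors] = validate_order([
    'name' => 'Larry', 'email' => 'larry@example.com',
    'sku' => 'sku-100', 'qty' => '2', 'price' => '0.01',
]);
print_r($errors);
```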


