Mar 10 at 9:45am, Five wrote: > If I have some snap and I want to see some other employee's info I can > then type it into the URL > http://www.foo.com/employee.php?eid=bstreisand > > The rules for usage come down to this - A little common sense goes a > long way. There are really no specific rules.
On that note, something to keep in mind is that GET variables (being part of the URL) are written to server logs. Depending on the data being passed, this could be a security issue (especially in a shared hosting environment where untrusted users may have access to the logs). -- Kelly Hallman // Ultrafancy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
