From: "Red Wingate" <[EMAIL PROTECTED]> > AFAIK the content of the superglobal variables cannot be changed ( even > though i haven't found this in the docs i can remeber got beaten by PHP > for doing so :-) )
They can be changed and you can even add to them. $_SERVER['foo'] = 'bar'; is valid and now it's a superglobal, too. I wouldn't recommend relying on this, though. If you talking about the users changing the values of of superglobals then that's different. Users can't directly set $_SERVER values, for example, but they can pass values that may influence them. $_SERVER['HTTP_REFERRER'] comes from what the user supplies, for instance, so they are able to manipulate it. A user would not be able to set $_SERVER['SERVER_NAME'] or $_SERVER['PHP_SELF'], though. Which ones are safe or not just takes some research or asking. :) ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
