> -----Original Message-----
> From: Erik Price [mailto:[EMAIL PROTECTED]]
> Sent: 09 January 2002 19:22
> I'm trying to write my code in accordance with the PHP 4.1.0 security 
> advisory -- that is, I want to use the $_GET and $_POST arrays when 
> grabbing variables passed with GET and POST forms.  But how should I 
> construct the variables for a "switch" statement?  I'm left confused, 
> since these aren't written with the "$" prefix as most 
> variables are...

Err -- yes, they are!

> Should it be:
>       case "_POST['insert']"
> or should it be:
>       case "$_POST['select']"

What's wrong with:

    case $_POST['insert']

But, if you insist on the quotes, it needs to be:

    case "{$_POST['insert']}"

to ensure that the array index gets processed properly.



Mike Ford,  Electronic Information Services Adviser,
Learning Support Services, Learning & Information Services,
JG125, James Graham Building, Leeds Metropolitan University,
Beckett Park, LEEDS,  LS6 3QS,  United Kingdom
Tel: +44 113 283 2600 extn 4730      Fax:  +44 113 283 3211 

PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to