I'm not sure if it's true or not, but someone said all data coming through _POST and _COOKIES is filtered - making it safer than pulling the raw data from variables.
While you're forging cookies, I'll take a few chocolate chip ;) -----Original Message----- Considering the fact that anyone can forge GET, POST, & cookies, is there really any purpose in turning register_globals = Off ?? **************************************************************************** This message is intended for the sole use of the individual and entity to whom it is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the intended addressee, nor authorized to receive for the intended addressee, you are hereby notified that you may not use, copy, disclose or distribute to anyone the message or any information contained in the message. If you have received this message in error, please immediately advise the sender by reply email and delete the message. Thank you very much. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php