> I'm not sure if it's true or not, but someone said all data coming
> through _POST and _COOKIES is filtered - making it safer than pulling
> the raw data from variables.
Filtered? Nothing is filtered. Only you know what data
the users should be sending, validate accordingly and
assume all request data is unsafe. The only "filter" I
see here is how the data is seperated by type, ex. only
GET is in $_GET.
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php