> I'm not sure if it's true or not, but someone said all data coming > through _POST and _COOKIES is filtered - making it safer than pulling > the raw data from variables.
Filtered? Nothing is filtered. Only you know what data the users should be sending, validate accordingly and assume all request data is unsafe. The only "filter" I see here is how the data is seperated by type, ex. only GET is in $_GET. Regards, Philip Olson -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php