> From: Henry [mailto:[EMAIL PROTECTED]] 
> Sent: Friday, August 09, 2002 6:00 AM
> Subject: [PHP] Can I assign to $_POST legitimately
> I can do it but is it legit?
> $_POST['name']='henry';
> within a php script?
> if $_POST['name'] is not set. The clearly $_POST['name'] was 
> not posted!!

Yes, you can do that.  But I wouldn't do it because it's 'tainting' php supplied 
variables.  Once you do that, you won't really be sure if a variable was posted or 
supplied by your script.  It's probably more important for the person who follows in 
your footsteps and modifies the scripts -- as they may assume it's posted from a form, 
and yet isn't.  Could cause a lot of confusion, not for you, but for, perhaps, me.  If 
you do it though, you might be nice to the next guy/gal and put a nice note at the top 
of the script saying you're doing it.

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to