Lars Torben Wilson wrote:
Hi all,This patch is to address a working error I stumbled across today in the documentation for $_REQUEST. RCS file: /repository/phpdoc/en/language/predefined/variables/request.xml,v retrieving revision 1.6 diff -u -u -r1.6 request.xml --- en/language/predefined/variables/request.xml 23 Aug 2008 15:40:21 -0000 1.6 +++ en/language/predefined/variables/request.xml 4 Nov 2008 07:13:13 -0000 @@ -71,9 +71,11 @@ </note> <note> <para> - Variables provided to the script via the GET, POST, and COOKIE input - mechanisms, and which therefore cannot be trusted. The presence and - order of variable inclusion in this array is defined according to the + The variables in <varname>$_REQUEST</varname> are provided to the + script via the GET, POST, and COOKIE input mechanisms and + therefore could be modified by the remote user and cannot be + trusted. The presence and order of variables listed in this array + is defined according to the PHP <link linkend="ini.variables-order">variables_order</link> configuration directive. </para> Regards, Torben
What error? You simply reworded the text a bit to highlight what you see as the most important reason not to trust userdata ?
- Tul
