On Feb 28, 2008, at 12:28 PM, Wade Preston Shearer wrote:
It's obviously wise to only post a form using GET when you absolutely need to or there are no security concerns involved, but what about on the receiving end? Are there any reasons to not always receive with $_REQUEST? I have heard people say that you should only use $_REQUEST when you absolutely need to receive from both GET and POST, but if a hacker can simulate a POST just as easy as GET then how is it insecure?
Out of curiosity, what's your reason for using it? I've never run into a situation where I needed to receive both $_GET and $_POST. I think using explicit names makes my code better organized.
P.S. $_REQUEST also include cookies. _______________________________________________ UPHPU mailing list [email protected] http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on irc.freenode.net
