Most of the items have been touched on when it comes to $_GET, $_POST and $_REQUEST. I honestly believe it is good practice to identify the variables you will be using and the method in which you receive them. This way you have complete control of how your application functions, leaving less room for error.
Another item is of course variable overlapping where you may have a POST and a GET with the same variable name, thereby over-writing one with the other.. Try to keep with good practice and remove the possibility of buggy code by specifying your post type. Getting into good practice will help down the road. -Will > > > > On Thu, Feb 28, 2008 at 1:28 PM, Alvaro Carrasco <[EMAIL PROTECTED]> > wrote: > > > Wade Preston Shearer wrote: > > > It's obviously wise to only post a form using GET when you absolutely > > > need to or there are no security concerns involved, but what about on > > > the receiving end? Are there any reasons to not always receive with > > > $_REQUEST? I have heard people say that you should only use $_REQUEST > > > when you absolutely need to receive from both GET and POST, but if a > > > hacker can simulate a POST just as easy as GET then how is it > > insecure? > > > > > > > > > wade > > > net > > Keep in mind that $_REQUEST will also include cookies, which might lead > > to unexpected results if you don't watch for it. You have to be > > especially careful if you are hosting multiple subdomains and some of > > them are using-domain wide cookies. > > > > Alvaro > > > > _______________________________________________ > > > > UPHPU mailing list > > [email protected] > > http://uphpu.org/mailman/listinfo/uphpu > > IRC: #uphpu on irc.freenode.net > > > > _______________________________________________ UPHPU mailing list [email protected] http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on irc.freenode.net
