On Feb 28, 2008, at 2:57 PM, Ben Reece wrote:
I agree with this point, the one's that Josh mentioned, and the
those covered on DoughBoy's blog (the link phpninja provided)
regarding well designed code and personally rarely ever use
REQUEST. My sole reason for starting this thread was to inquire
about the security side of it.
The only security concern I have regarding GET vs. POST, is that GET
is often written to web server logs, where POST is usually not. If
you're passing anything especially sensitive (e.g. credit card
numbers), and you're using GET, you may need to make sure you web
server logs are protected with the same level of security as
anywhere else that same data is stored.
Good point. Also, in an SSL transaction, POST variables are encrypted
but GET variables are not.
_______________________________________________
UPHPU mailing list
[email protected]
http://uphpu.org/mailman/listinfo/uphpu
IRC: #uphpu on irc.freenode.net
