Hello, > Not having read it, but I would assume that one of the recommended > settings is not to extrapolate ?test=1 into $test, as this was an > acknowledged source of security holes in php applications. - The point > being that issues like this will come up, and it will hint to developers > that they should start looking at using HTTP_POST/GET_VARS or $_GET or & > $_POST.
I have a problem with this approach: sometimes my page doesn't know how (with GET or POST) it gets it's data. It would be good if there were be an array which contains both of it's content. (For example, I usually use POST with a form. But often I call the same page with data generated by a script, in what case the ...?blah=Blah syntax needs much less typing... :) Circum --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
