Is there an easier way to assign all post data from a form to session data?
Eg.,
$_SESSION['first_name'] = $_POST['first_name']; $_SESSION['last_name'] = $_POST['last_name'];
$_SESSION['email'] = $_POST['email'];
Never pass in data from any external source without explicitly validating it. You could run into some serious crap if malicious users attempt to pass in very large chunks of BS into random $_POST variables, and you simply save it in $_SESSION. For instance, if you have any quota, you might exceed it in a single bound, and your whole site would stop working.
so, the way you're doing it is a lot better than any other options, but I would add in checks to the values before you save them in $_SESSION.
Greg
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
