Hello afan, Wednesday, June 8, 2005, 4:33:24 PM, you wrote: aan> My question though was is the difference in code I mentioned just aan> a "habit of writing code" or there is some more? Some security aan> issues too? It was most likely just a coding habit - there was no discernable difference between having one clean variable for each $_POST value, than having one array holding all values. It was probably just a way to keep things organised so you'd not initialising stacks of variables all over the place. aan> To store submitted info to DB I would (now) use following code: aan> $name = mysql_real_escape_string($_POST['name']); The sooner you change this practise, the better :) But you know that anyway. aan> doing the same using arrays: aan> $submitted = array(); aan> $submitted['name'] = mysql_real_escape_string($_POST['name']); aan> Is this REALLY the same or there is a difference in security or aan> something else? You're effectively doing exactly the same thing, the difference being that you may find it quicker / less prone to error to keep things contained in a single clean array. As it stands however your array isn't clean and you really need to start filtering the data first and then putting it into a clean array - hope that makes sense? Best regards, Richard Davey -- http://www.launchcode.co.uk - PHP Development Services "I do not fear computers. I fear the lack of them." - Isaac Asimov -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
