On Tue, November 8, 2005 3:10 pm, Tony Di Croce wrote: > Are variables that are stored in the $_POST[] array ever communicated > to the > browser? > > Im using PHP sessions, and I store lots of variables in $_POST[]... If > I use > $_POST[] to communicate variables from 1 php script to another, is > that > insecure? http://php.net/phpinfo will dump $_POST (and everything else) to the browser. And you could, at some point in debugging, use var_dump($_POST). But in the normal course of events, the data in $_POST isn't sent "back" to the browser by PHP under the hood. That said: You should not be cramming things into $_POST. $_POST is what comes *FROM* the browser. Treat it as "read only" unless you want to make yourself miserable down the road some day. What are you putting into $_POST and why? And how does that communicate from one script to another??? Are you cramming things into $_POST and then passing them on through cURL or something??? -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
