Rafael:

You said:

In spite of all this, I would really recommend you not to rely on register_globals=On, since: it's not a good idea, it's actually deprecated (someday it will be removed) and makes your code a little bit more confusing, since it's not clear where those variables come from.

-snip-

And, the corresponding (switch.php) php code is:

<?php
setcookie ('thestyle', $set, time()+31536000, '/', '', 0);
header("Location: $HTTP_REFERER");
?>

I thank you very much for your comments and time.

One last question, considering the above code, would the following code be a suitable replacement?

<?php
$thestyle=  htmlentities($_POST['thestyle']);
setcookie ('thestyle', $set, time()+31536000, '/', '', 0);
header("Location: $HTTP_REFERER");
?>

I've used htmlentities() before to filter out user's input, but I don't know if that's sufficient to protect from all types of injections -- is it?

tedd
--
--------------------------------------------------------------------------------
http://sperling.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
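
An added example, not part of the original message and not the poster's code: htmlentities() encodes characters for HTML output, while switch.php writes the submitted value into a cookie and the Referer into a Location header, so this sketch validates both instead of encoding them. The style names, SITE_HOST and FALLBACK_PATH are hypothetical placeholders, and the setcookie() options array assumes PHP 7.3 or later.

```php
<?php
// Added example, not the poster's code. The style names, SITE_HOST and
// FALLBACK_PATH are hypothetical placeholders. Needs PHP 7.3+.
const ALLOWED_STYLES = ['default', 'large', 'contrast'];
const SITE_HOST      = 'www.example.com';
const FALLBACK_PATH  = '/';

// Return the submitted style only if it is one of the known names.
function pick_style(array $post): ?string
{
    $style = $post['thestyle'] ?? null;
    return is_string($style) && in_array($style, ALLOWED_STYLES, true)
        ? $style
        : null;
}

// Reduce the Referer header to a path on this site, or use the fallback.
function safe_return_path(array $server): string
{
    $ref = $server['HTTP_REFERER'] ?? '';
    // Reject missing values and anything carrying control characters or spaces.
    if (!is_string($ref) || $ref === '' || preg_match('/[\x00-\x20\x7f]/', $ref)) {
        return FALLBACK_PATH;
    }
    $parts = parse_url($ref);
    if (!is_array($parts) || ($parts['host'] ?? '') !== SITE_HOST) {
        return FALLBACK_PATH;
    }
    $path = $parts['path'] ?? '/';
    // A leading "//" or a backslash could be read by a browser as another host.
    if ($path[0] !== '/' || strpos($path, '//') === 0 || strpos($path, '\\') !== false) {
        return FALLBACK_PATH;
    }
    return isset($parts['query']) ? $path . '?' . $parts['query'] : $path;
}

$style = pick_style($_POST);
if ($style !== null) {
    setcookie('thestyle', $style, [
        'expires'  => time() + 31536000,   // one year, as in the original
        'path'     => '/',
        'httponly' => true,
        'samesite' => 'Lax',
    ]);
}
header('Location: ' . safe_return_path($_SERVER), true, 303);
exit;
```

Whatever later prints the cookie value into a page (for example into a stylesheet link) should still apply htmlspecialchars() at that point, since the cookie can be edited by the client after it is set.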
