Re: Re: setcookie security concerns [medium]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Rafael:


<?php
$thestyle=  htmlentities($_POST['thestyle']);
setcookie ('thestyle', $set, time()+31536000, '/', '', 0);
header("Location: $HTTP_REFERER");
?>
Actually, you receive $set via GET, so you should use $_GET instead of $_POST. 

Yes, you are correct.

In my example --

http://www.sperling.com/examples/styleswitch/
-- the value doesn't look like it is being added to the url and thus I mistakenly thought it was a POST. I wonder why the value isn't apparently attached to the url in this case? 

tedd

--
--------------------------------------------------------------------------------
http://sperling.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux