On Tue, 2006-04-25 at 13:47, Stut wrote: > Richard Lynch wrote: > > If you are doing your sanitization/filtering/validation correctly, you > > shouldn't even be READING $_POST after the first 3 lines of your PHP > > code anyway. (Okay, maybe first 10 lines.) > > The same goes for $_GET data also. > > > The longer you use header("Location: ...") the more you realize how > > it's just not a substitute for a well-structured web application. > > > > Just my 2 cents. > > As long as we're throwing foreign money into the ring, I'd just like to > say that I make a point of redirecting to another page after a post > request, otherwise you get unsightly errors in the browser when the user > tries to use the back/forward buttons. Other than in that situation I > make sure I do includes rather than redirects. Agreed. My form engine submits to the same page and uses the validation engine to check the fields, if any fails, it stays where it is and the fields will be marked and error messages about validation presented. When the user submits clean data, the form performs a redirect to the URL specified to the form engine as the action... if the action URL happens to be the same page, then it skips the redirect entirely. In my applications though, literal includes are rare within the code itself and almost exclusively only used to extend other classes since the framework performs the includes according to module/component descriptions. Almost everything is decoupled from everything else. Cheers, Rob. -- .------------------------------------------------------------. | InterJinn Application Framework - http://www.interjinn.com | :------------------------------------------------------------: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `------------------------------------------------------------' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php