On Sat, 17 Jun 2006 15:01:23 +0200, "Satyam" <Satyam@xxxxxxxxxxxxx> wrote:
> In general, user input should never be trusted. Someone once told me that
> if you ask for yes or no, you should always validate for yes, no and don't
> know (of course, this was before windowed environments where the users can
> only click what you offer them).
Yes, I do validation. Incoming data is insearted to objects via methods that validate it first.
What I was asking is why the $_REQUEST is untrueted while $_POST and $_GET are (or at least the are not explicitly untrusted).
--
---------------------------------------------------------
Lic. Martín Marqués | SELECT 'mmarques' ||
Centro de Telemática | '@' || 'unl.edu.ar';
Universidad Nacional | DBA, Programador,
del Litoral | Administrador
---------------------------------------------------------
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
