On Sat, 17 Jun 2006 09:55:05 -0400, tedd <tedd@xxxxxxxxxxxx> wrote:
> At 8:52 AM -0300 6/17/06, Martin Marques wrote:
>>Yesterday when reading some doc on PHP I noticed the $_REQUEST predefined
> array, which looked like a solution to having to check in GET and POST data
> (I'm not sure if it will really have an impact on my program yet).
>>
>>The thing is, I also saw this description:
>>
>>Variables provided to the script via the GET, POST, and COOKIE input
> mechanisms, and which therefore cannot be trusted.
>>
>>Now, why shouldn't it be trusted?
>
> Martin:
>
> Lot's of reasons why you shouldn't trust user input.
OK, let's clear something out (which I didn't put in my original mail, and should have).
I know user input shouldn't be trusted. What I want to know is IF and WHY $_REQUEST should be more untrusted then $_POST or $_GET.
--
---------------------------------------------------------
Lic. Martín Marqués | SELECT 'mmarques' ||
Centro de Telemática | '@' || 'unl.edu.ar';
Universidad Nacional | DBA, Programador,
del Litoral | Administrador
---------------------------------------------------------
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
