Re: alternative method

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am Samstag, den 02.12.2006, 13:57 -0600 schrieb Larry Garfield:
> If you're talking about getting user data into a web script, then GET, POST, 
> and cookies are the only options.  All three are insecure, because they're 
> coming from the user.  The user is guilty until proven otherwise.  Sanitize 
> thy input.

There is also 
http://www.php.net/manual/en/features.http-auth.php
which may be more secure than POST.
With Client Side XSS  form data maybe can be read.
There is no access form javascript to http-auth parameters.

Bernhard

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux