At 9:52 PM +0000 12/9/08, Ashley Sheridan wrote:
>
Thanks guys and gals!
You shouldn't be passing info like that over the URL; use sessions
instead.
I saw a shopping cart system once that passed the price of items over
the URL, and when I found out and alerted them, we won the contract for
a rebuild and then got accused of hacking by their previous web guys
(who incidentally built the system!)
Ash
Ash:
Even if you did hack the site, all that means is that site was
hack-able and thus should have been fixed anyway.
In my mind, hacking a site (without doing damage) is a good
introduction to a client.
Cheers,
tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
