Re: Data trasfer between PHP pages

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 2009-01-12 at 15:15 -0500, Eric Butera wrote:
> On Mon, Jan 12, 2009 at 3:03 PM, Ashley Sheridan
> <ash@xxxxxxxxxxxxxxxxxxxx> wrote:
> > I tend to use $_REQUEST to capture a lot of my data, as I end up mixing
> > get and post a lot throughout my code. $_REQUEST is an amalgamate of
> > $_COOKIE, $_GET and $_POST (in that order I believe, with $_GET
> > overwritting $_COOKIE, and $_POST overwriting $_GET). This is especially
> > useful when altering how a form sends data. Only today we had to update
> > a form to use GET instead of POST, as IE managed to break the back
> > button because of the POST values not auto-submitting. It would have
> > meant a lot of code changes had $_REQUEST not been used.
> 
> It's okay if you want to do such things, but I really wouldn't
> recommend it.  It leads to buggy apps (from almost every example I've
> ever seen).  Most code I've seen using $_REQUEST doesn't validate it
> either which would be the loophole to it.  Any app allowing user input
> should function no matter where it comes from or what it is, but still
> why not be very clear about it.
> 
> GET is for the state of the page & POST is for data.  So you really
> shouldn't mix the two concepts.

Most systems using a front-end loader to get to a page containing a form
wouldn't work if you DIDN'T mix the two concepts.

Cheers,
Rob.
-- 
http://www.interjinn.com
Application and Templating Framework for PHP


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux