Richard wrote:
It's a wise choice to go with $_POST, unless your form is a GET form,
in which case use $_GET. $_REQUEST has the potential to open your
script(s) up to security issues.
I am not sure what the security issues are you are referring to as the
$_REQUEST superglobal contains both $_GET and $_POST values. Could you
expound on that? Thanks.
Use quoted strings - either single or double quotes. Eg:
$myArray['myKey']
$myArray["myKey"]
To answer your question though, the quotes will not protect you from SQL
injection at all. It simply has to do with processing the values.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
