Re: Submitting form from <a href

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Dave W wrote:

The problem with GET is that a user that looks at the source code of the
html can easily just input what they want for the argument. Can you say SQL 
injection?
Can you say input validation? Regardless of where user input comes from, whether it's in the URL, in POST vars or in cookies they should all be subjected to the same validation. Trust nothing. 

-Stut

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [PHP Users]     [Postgresql Discussion]     [Kernel Newbies]     [Postgresql]     [Yosemite News]
  Powered by Linux