Announcement

Collapse
No announcement yet.

Security Risk?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Theiggsta
    replied
    technically, yes because HTTP_POST_VARS looks for a POST from a form, where as a GET can be shoved into the address line like so.

    blah.php?variable=blah

    So use HTTP_POST_VARS unless you have checking systems for the GET post vars, so no one can break in with fake GET vars.

    Leave a comment:


  • leadZERO
    started a topic Security Risk?

    Security Risk?

    Is there a security risk in using $variable over $HTTP_POST_VARS['variable'] with post forms?
widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
Working...
X