7 Dec
2005
7 Dec
'05
1:43 p.m.
Hi
On Wed 7. 12. 2005 20:48, Marc Delisle wrote:
From the manual: "$_REQUEST
Variables provided to the script via the GET, POST, and COOKIEinput mechanisms, and which therefore cannot be trusted. The presence and order of variable inclusion in this array is defined according to the PHP variables_order configuration directive. "
Yes, so there are variables from GET, POST, and COOKIE and their preference is defined by variables_order.
This is a separate discussion. So you would like to refer to $_REQUEST['foo'] everywhere in the code, instead of importing into a global $foo?
Yes. You can then perfectly see that this variable is potentially dangerous. Putting everything in global namespace hides this difference.
--
Michal Čihař | http://cihar.com