[Phpmyadmin-devel] Re: deglobalization started
Michal Čihař
michal at cihar.com
Sun Dec 11 15:13:05 CET 2005
Hi
On Mon, 12 Dec 2005 00:06:00 +0100
Sebastian Mendel <lists at sebastianmendel.de> wrote:
> but $goto i special, $goto is not always coming from $_REQUEST
>
> we should differ between $goto and $_REQUEST['goto']
>
> common.inc.php should check $_REQUEST['goto'] against a whitelist and
> set $goto
>
> $_REQUEST['goto'] is one of this varaibles that should be globally
> handled by common.inc.php like $_REQUEST['server'], $_REQUEST['db'],
> $_REQUEST['table'], $_REQUEST['lang'], ...
Exactly ;-).
--
Michal Čihař | http://cihar.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.phpmyadmin.net/pipermail/developers/attachments/20051211/6a98f7c3/attachment.sig>
More information about the Developers
mailing list