[nycphp-talk] $_REQUEST: Bad Form?
David Krings
ramons at gmx.net
Sun Oct 14 16:59:21 EDT 2007
Brian D. wrote:
> One last question, David, you said in reference to $_POST saving one
>>from SQL injections:
> "You're saying it doesn't? But it still saves one from parse errors
> and 404s...."
>
> Using $_POST over $_REQUEST makes no difference in what you receive -
> you'll still have to escape data that you put into a SQL query either
> way. How does using $_POST save one from parse errors and 404s?
>
Sometimes sarcasm does... ;)
David
More information about the talk
mailing list