[nycphp-talk] Need suggestions on building a hacker trap...
mikesz at qualityadvantages.com
Tue Aug 12 07:26:07 EDT 2008
Hello David,
> So what exactly does the parameter Mode do? Isn't this line showing that a
> parameter with value got passed to a script with GET? In that case, which
> input validation / processing do your scripts have?
> David
Indeed, it was a GET passed directly through the browser as a URL. At
first I didn't understand where it came from because the "selector" is
a link, not a form. When you click on the link on the index page, it
does a page refresh and passes the new selection criteria so that when
the page comes back it contains the thumbnails for the new request.
Frankly, I didn't know the script did that until I started to analyze
the bad guy's submission and discovered what 'Mode' did by doing a
print_r of $_REQUEST in a test.
--
Best regards,
mikesz mailto:mikesz at qualityadvantages.com