On Thu, Nov 13, 2003 at 01:55:08PM +0200, Fernando Melo wrote:
: Jon Haworth responded:
: : Fernando Melo wrote:
: : >
: : > I have a PHP application that passes variables (values) from a form.
: : > I get these using $_POST
: : >
: : > However I do also post some variables via a link. Which ofcourse
: : > requires register_globals to be ON.
: :
: : Do you mean variables in a URL, like this:
: : www.example.com/index.php?foo=1&bar=2
: :
: : If so you can access these via the $_GET array and leave
: : register_globals turned off.
:
: Thanks.
:
: I don't see how this makes it more secure though?
:
: The values are still picked up the same way from a URL
If you want to prevent casual packet sniffing, you need to move your
code to a SSL-enabled web server.
If you want to minimize data exchange between PHP pages via POST or GET
methods, consider switching to sessions.
http://www.php.net/manual/en/ref.session.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
