Hi, all --

I am storing some variables such as a password, email address, working
dir, and so on in a session.  I receive the password, for instance, via
POST.  I get a few vars via GET.  I have successfully used extract() to
pull the data out of _SESSION each time; yay.

So now I wonder how I should pull from _POST and _GET...  If I just
extract() them, then 1) I won't be checking for evil input and 2) in
which order do I do so?  The only example around which I can wrap my head
at the moment is password, and of course I wouldn't store the password in
_SESSION unless it were correct, but bear with me :-)  If I had good data
in _SESSION and then extracted _POST then I might step on it, but if I
extract _POST and then _SESSION I would never think that I got the input!

I'm sure that there's some simple concept that still eludes me which will
make all of this fall into place, but I sure could use some help getting
to it! :-)


TIA & HAND

:-D
-- 
David T-G                      * There is too much animal courage in 
(play) [EMAIL PROTECTED] * society and not sufficient moral courage.
(work) [EMAIL PROTECTED]  -- Mary Baker Eddy, "Science and Health"
http://justpickone.org/davidtg/      Shpx gur Pbzzhavpngvbaf Qrprapl Npg!

Attachment: pgp00000.pgp
Description: PGP signature

Reply via email to