Re: [PHP] Security check

2005-06-01 Thread Andy Pieters
On Wednesday 01 June 2005 22:33, you wrote:
>
> >elseif(count($_POST)>0)
> > foreach($_POST as $key=>$value)
> > if( ($key!=='login') && ($key!=='name') && ($key!=='pass') )
> > $hiddens.=<<<_hid_
> > \n\t
> > _hid_;
>
> But what happened here? Why do you assume POST data is saf

Re: [PHP] Security check

2005-06-01 Thread Rasmus Lerdorf
Andy Pieters wrote:
> $valid=array('from','authorize','order');
>#copy GET to POST
>if(count($_GET)>0)
>{foreach($_GET as $key=>$value)
> if(in_array($key,$valid))
> {$key=htmlspecialchars($key);
> $value=htmlspecialchars($value);
> $hiddens.=<<<___hid
> \n\t