When You Do not Know How Data Is Sent

Jun 14, 2009 Author: LinuxAdmin

If you need to write a script that is supposed to work just as well with both GET and
POST requests, you can use the $_REQUEST superglobal array; the latter is filled in

using data from different sources in an order specified by a setting in your php.ini
file (usually, EGPCS, meaning Environment, Get, Post, Cookie and Built-in variableS.
Note that $_REQUEST only contains cookie, GET and POST information).
The problem with using this approach is that, technically, you don’t know where
the data comes from. This is a potentially major security issue that you should be
fully aware of. This problemis discussed inmore detail in Security .


views 2697
  1. Add New Comment