Women in Technology

Hear us Roar

  Ten Security Checks for PHP, Part 1
Subject:   get/post
Date:   2003-03-24 07:37:27
From:   anonymous2
$HTTP_*_VARS are NOT obsolete. You need to use these for sites running versions of PHP prior to 4.1.
Main Topics Oldest First

Showing messages 1 through 2 of 2.

  • get/post
    2004-11-17 03:56:54  Lancelotti [View]

    Cant you use this to security of your incluedes.

    $page = "path_to_file/$_GET[page].php";
    // put de get variable in string, and indicated de directory where your subpages are

    if (!file_exists($page)) {
    $page = "index.php";
    // if file not exists use the index.php

    // include de file

    Note. Include all your subpages in path_to_file and your extension may be .php
  • get/post
    2003-03-25 08:37:05  bblackmoor [View]

    $HTTP_POST/GET_VARS are obsolete. No one should be using old versions of PHP. Use $_GET and $_POST.