Author:??(---.cms.gre.ac.uk)
Date:???02-17-04 01:16
Hi Everybody,
Im reasonably new to PHP, Im in the process of creating an E-Commerce site, basically for my own interest, Ive been reading articles on PHP and Security and I keep reading that user input (from forms) should never be trusted; I can understand why GET data shouldnt be blindly accepted(as unscrupulous users could by pass the input and simply append details to the URL), but POST data appears to be far more secure as you can validate it by checking the POST array variables (you can use a variety of functions - isset, isempty etc). I guess as Im fairly new that there must be more to it than that, as in the security risks?? - any advice would be greatly appreciated.
Thanks
Andrew
|
|