Author:??(---.wral-tv.com)
Date:???02-18-04 03:50
fdheiehofwefewAndrew Gibbs wrote:
>
> Hi Everybody,
> Im reasonably new to PHP, Im in the process of creating an
> E-Commerce site, basically for my own interest, Ive been
> reading articles on PHP and Security and I keep reading that
> user input (from forms) should never be trusted; I can
> understand why GET data shouldnt be blindly accepted(as
> unscrupulous users could by pass the input and simply append
> details to the URL), but POST data appears to be far more
> secure as you can validate it by checking the POST array
> variables (you can use a variety of functions - isset,
> isempty etc). I guess as Im fairly new that there must be
> more to it than that, as in the security risks?? - any advice
> would be greatly appreciated.
> Thanks
> Andrew
|
|