PHP Security: Trouble With Input Source (GET, POST, ENV, Cookie, SERVER)Tag: security, parameter, GET, POST, ENV, Cookie, SERVER Category: PHP Securitypost: 27 Feb 2008 read: 334 PHP Security Superglobal Tips: Taking variable value can from various source. We recognize the source: GET, POST, Env, Cookie, SERVER. For example, we mention a variable $test, it can contain just where from any where. At small application, possible still modestly in managing variable. But when the application become bigger, variable naming become the muddle. Will very wise if we take a care to determine the source for variable For example:
It can come from $_GET['test'], $_POST['test'], $_SESSION['test'], etc. Depend of your php.ini. Try to open your php.ini (my php.ini within C:\WINDOWS. It depend installation). Find like following line code:
It mean high priority is from ENV. Then GET, POST, Cookie, last SERVER. So, if you write like this:
It will find from $_ENV['test'] for first time. You can change your php.ini and set as you need, like:
|
| | Give Your Opinion | Recommend |
|

