PHP Security: Trouble With Input Source (GET, POST, ENV, Cookie, SERVER) Step By Step Tutorial

The best tutorial of php, php framework, php strategies, object oriented oriented,

PHP Security: Trouble With Input Source (GET, POST, ENV, Cookie, SERVER)

Tag: security, parameter, GET, POST, ENV, Cookie, SERVER Category: PHP Security
post: 27 Feb 2008 read: 334

PHP Security Superglobal Tips: Taking variable value can from various source. We recognize the source: GET, POST, Env, Cookie, SERVER. For example, we mention a variable $test, it can contain just where from any where.

At small application, possible still modestly in managing variable. But when the application become bigger, variable naming become the muddle. Will very wise if we take a care to determine the source for variable

For example:


<?
echo $test;
?>

It can come from $_GET['test'], $_POST['test'], $_SESSION['test'], etc. Depend of your php.ini. Try to open your php.ini (my php.ini within C:\WINDOWS. It depend installation). Find like following line code:


variables_order = "EGPCS"

It mean high priority is from ENV. Then GET, POST, Cookie, last SERVER. So, if you write like this:


<?
echo $test;
?>

It will find from $_ENV['test'] for first time. You can change your php.ini and set as you need, like:


variables_order = "GPSC"

| Give Your Opinion | Recommend

Share and Bookmark to: These icons link to social bookmarking sites where readers can share and discover new web pages.

615

posting

Your Name *	:
Email *	:	(Will not be published)
Website/URL	:
Your Comment *	:

* Required

PHP Basic	PHP Classes	PHP Framework	PHP Application	PHP Security	PHP Editor
PHP Books	PHP Database	MySQL	Hosting	Apache	CSS
Motivation	Web Design	PHP API	JavaScript	Computer Tips

phpeveryday.com

The best tutorial of php, php framework, php strategies, object oriented oriented,

PHP Security: Trouble With Input Source (GET, POST, ENV, Cookie, SERVER)