PHP Development
 
Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
User Name:
Password:
Remember me

The Shed is going Social! Join us on FaceBook and Twitter and chime in on the conversation.

Go Back   Dev Shed ForumsProgramming LanguagesPHP Development
Reload this Page

PHP-General - POST and REQUEST


Reply
Add This Thread To:
  Del.icio.us   Digg   Google   Spurl   Blink   Furl   Simpy   Y! MyWeb 
« Previous Thread | Next Thread »  
Thread Tools Search this Thread Rate Thread Display Modes
 
Unread Dev Shed Forums Sponsor:
  #1  
Old January 19th, 2013, 12:36 PM
knovial07 knovial07 is offline
Registered User
Dev Shed Newbie (0 - 499 posts)
  
Join Date: Jan 2013
Posts: 1 knovial07 User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 m 47 sec
Reputation Power: 0
PHP-General - POST and REQUEST
What is the difference between POST and REQUEST method?
Reply With Quote
  #2  
Old January 19th, 2013, 12:45 PM
gw1500se gw1500se is online now
Contributing User
Dev Shed Frequenter (2500 - 2999 posts)
  
Join Date: Jul 2003
Posts: 2,876 gw1500se User rank is Colonel (50000 - 60000 Reputation Level)gw1500se User rank is Colonel (50000 - 60000 Reputation Level)gw1500se User rank is Colonel (50000 - 60000 Reputation Level)gw1500se User rank is Colonel (50000 - 60000 Reputation Level)gw1500se User rank is Colonel (50000 - 60000 Reputation Level)gw1500se User rank is Colonel (50000 - 60000 Reputation Level)gw1500se User rank is Colonel (50000 - 60000 Reputation Level)gw1500se User rank is Colonel (50000 - 60000 Reputation Level)gw1500se User rank is Colonel (50000 - 60000 Reputation Level)gw1500se User rank is Colonel (50000 - 60000 Reputation Level)gw1500se User rank is Colonel (50000 - 60000 Reputation Level)gw1500se User rank is Colonel (50000 - 60000 Reputation Level) 
Time spent in forums: 1 Year 1 Week 6 Days 19 h 32 m 14 sec
Reputation Power: 581
$_REQUEST contains: $_COOKIE, $_GET, and $_POST variables

If you use $_REQUEST you have no guarantee that the data came from the post data, which leads to security holes in your script.

Normally you should not use $_REQUEST.
__________________
There are 10 kinds of people in the world. Those that understand binary and those that don't.
Reply With Quote
  #3  
Old January 19th, 2013, 12:54 PM
Jacques1's Avatar
Jacques1 Jacques1 is online now
pollyanna
Click here for more information.
  
Join Date: Jul 2012
Location: Germany
Posts: 1,854 Jacques1 User rank is Lieutenant General (80000 - 90000 Reputation Level)Jacques1 User rank is Lieutenant General (80000 - 90000 Reputation Level)Jacques1 User rank is Lieutenant General (80000 - 90000 Reputation Level)Jacques1 User rank is Lieutenant General (80000 - 90000 Reputation Level)Jacques1 User rank is Lieutenant General (80000 - 90000 Reputation Level)Jacques1 User rank is Lieutenant General (80000 - 90000 Reputation Level)Jacques1 User rank is Lieutenant General (80000 - 90000 Reputation Level)Jacques1 User rank is Lieutenant General (80000 - 90000 Reputation Level)Jacques1 User rank is Lieutenant General (80000 - 90000 Reputation Level)Jacques1 User rank is Lieutenant General (80000 - 90000 Reputation Level)Jacques1 User rank is Lieutenant General (80000 - 90000 Reputation Level)Jacques1 User rank is Lieutenant General (80000 - 90000 Reputation Level)Jacques1 User rank is Lieutenant General (80000 - 90000 Reputation Level)Jacques1 User rank is Lieutenant General (80000 - 90000 Reputation Level)Jacques1 User rank is Lieutenant General (80000 - 90000 Reputation Level) 
Time spent in forums: 1 Month 2 Weeks 1 Day 15 h 27 m 29 sec
Reputation Power: 813
Hi,

Quote:
Originally Posted by gw1500se
If you use $_REQUEST you have no guarantee that the data came from the post data, which leads to security holes in your script.


Why should that lead to security holes??

It's a myth that data sent via POST is somehow "more secure" than URL parameters. Anybody can send any request to any receiver, so there's no difference from a site owner's perspective.
Reply With Quote
  #4  
Old January 19th, 2013, 01:14 PM
gw1500se gw1500se is online now
Contributing User
Dev Shed Frequenter (2500 - 2999 posts)
  
Join Date: Jul 2003
Posts: 2,876 gw1500se User rank is Colonel (50000 - 60000 Reputation Level)gw1500se User rank is Colonel (50000 - 60000 Reputation Level)gw1500se User rank is Colonel (50000 - 60000 Reputation Level)gw1500se User rank is Colonel (50000 - 60000 Reputation Level)gw1500se User rank is Colonel (50000 - 60000 Reputation Level)gw1500se User rank is Colonel (50000 - 60000 Reputation Level)gw1500se User rank is Colonel (50000 - 60000 Reputation Level)gw1500se User rank is Colonel (50000 - 60000 Reputation Level)gw1500se User rank is Colonel (50000 - 60000 Reputation Level)gw1500se User rank is Colonel (50000 - 60000 Reputation Level)gw1500se User rank is Colonel (50000 - 60000 Reputation Level)gw1500se User rank is Colonel (50000 - 60000 Reputation Level) 
Time spent in forums: 1 Year 1 Week 6 Days 19 h 32 m 14 sec
Reputation Power: 581
I did not mean to imply that $_POST was secure. Just that using $_REQUEST makes is easier to mess with variables.
Last edited by gw1500se : January 19th, 2013 at 01:18 PM.
Reply With Quote
Reply

Viewing: Dev Shed ForumsProgramming LanguagesPHP Development > PHP-General - POST and REQUEST

« Previous Thread | Next Thread »

Developer Shed Advertisers and Affiliates



Thread Tools  Search this Thread 
Search this Thread:

Advanced Search
Display Modes  Rate This Thread 
Linear Mode Linear Mode
Rate This Thread:


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox
Forum Jump

Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
  
 


Powered by: vBulletin Version 3.0.5
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.

© 2003-2013 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap