Posted by "Richard Lynch" on 10/19/61 11:31

On Tue, November 8, 2005 3:10 pm, Tony Di Croce wrote:
> Are variables that are stored in the $_POST[] array ever communicated
> to the
> browser?
>
> Im using PHP sessions, and I store lots of variables in $_POST[]... If
> I use
> $_POST[] to communicate variables from 1 php script to another, is
> that
> insecure?

http://php.net/phpinfo
will dump $_POST (and everything else) to the browser.

And you could, at some point in debugging, use var_dump($_POST).

But in the normal course of events, the data in $_POST isn't sent
"back" to the browser by PHP under the hood.

That said: You should not be cramming things into $_POST.

$_POST is what comes *FROM* the browser.

Treat it as "read only" unless you want to make yourself miserable
down the road some day.

What are you putting into $_POST and why?

And how does that communicate from one script to another???

Are you cramming things into $_POST and then passing them on through
cURL or something???

--
Like Music?
http://l-i-e.com/artists.htm

• Next in forum: Re: [PHP] Determining Built Configuration
• Prev in forum: Re: [PHP] Use of auto_prepend_file inside an Apache directory container
• Thread view: Re: [PHP] A question...

[Reply to this message]