|
|
Posted by jmark on 05/17/07 02:20
On May 16, 3:05 pm, Schraalhans Keukenmeester <inva...@invalid.spam>
wrote:
> At Wed, 16 May 2007 20:17:07 +0200, Erwin Moller let his monkeys type:
>
> > j...@fastermail.com wrote:
>
> >> I have seen some code like
> >> $value = strval($REQUEST['value']);
>
> >> I would like to know what is the use of strval here since $_REQUEST
> >> values are strings?
>
> > PS: I think you should avoid $_REQUEST. Just use $_POST and $_GET.
>
> Erwin, what's wrong with using $_REQUEST instead of $_GET / $_POST ?
> Security issue?
>
> Sh.
This is more similar to a type checking issue and not security.
$_REQUEST can be either a get, a post, or a cookie variable. There are
circumstances where its more convenient to use $_REQUEST, like if you
have to call a certain script using either get or post method.
[Back to original message]
|