|
|
Posted by "Richard Lynch" on 10/20/61 11:31
On Tue, November 8, 2005 3:10 pm, Tony Di Croce wrote:
> Are variables that are stored in the $_POST[] array ever communicated
> to the
> browser?
>
> Im using PHP sessions, and I store lots of variables in $_POST[]... If
> I use
> $_POST[] to communicate variables from 1 php script to another, is
> that
> insecure?
http://php.net/phpinfo
will dump $_POST (and everything else) to the browser.
And you could, at some point in debugging, use var_dump($_POST).
But in the normal course of events, the data in $_POST isn't sent
"back" to the browser by PHP under the hood.
That said: You should not be cramming things into $_POST.
$_POST is what comes *FROM* the browser.
Treat it as "read only" unless you want to make yourself miserable
down the road some day.
What are you putting into $_POST and why?
And how does that communicate from one script to another???
Are you cramming things into $_POST and then passing them on through
cURL or something???
--
Like Music?
http://l-i-e.com/artists.htm
[Back to original message]
|