Justin French <[EMAIL PROTECTED]> wrote: > Hi, > > Is there any danger in overwriting the $_GET array? Will it still > remain a superglobal in all circumstances?
yes and yes. see below for explaination > > <? > // Example 1: > $_GET['foo'] = base64_decode($_GET['foo']); // modify a value > > // Example 2: > $_GET = array(); // > empty it > $_GET['myNewKey'] = 'something'; // > re-populate > ?> Have you tried running the script to see if $_GET['myNewKey'] actually is filled out? You'll find that it is. > > I'm considering the "search engine friendly URL" methods discussed many > times here and all over the web, but want to: > > a) maintain using $_GET, to ensure speedy conversion of old scripts > b) maintain a certain level of familiarity in the way I (and others) > write scripts > c) have the values as superglobals (ie, available within functions) Using the special name space variable rather defeats the purpose of why php now has register_globals to off. The $_GET variable should be used to ensure that the variable did indead come in from the GET request. Also malicous users can attempt to set variables that they shouldn't be setting. See "Using Register Globals" for security reasons: http://www.php.net/manual/en/security.registerglobals.php for > > TIA > Justin French > > Curt -- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
