i have developed my own "register globals" function that mimics the action
of register globals, but only for $_POST... i do this to ensure that all
incoming communication is escaped for use in scripts to account for, and to
avoid, SQL injection. below is the code... any suggestions would be welcome
to make this a more secure function for use to massage data going to MySQL:
====================================
function escape(){
while (list($key, $value) = each($_POST)) {
$value = trim(mysql_escape_string($value));
global $$key;
$$key = $value;
}
}
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
