Mike, Both of your bit of code are not equal.
On my ISP in 4.0.6 isset returned false if the variable was not existing OR empty in 4.2 isset returns true if the variable exists but is empty, so you may want to check with empty instead of isset Luc At 12:16 10/05/2002 +0100, Ford, Mike [LSS] wrote: > > -----Original Message----- > if (isset($password)): // register_globals on > $super_user = $password==$super_password; > endif; > > if ($super_user): > // sensitive admin stuff > endif; > >is more secure than: > > if (isset($_GET['password'])): // register_globals off > $super_user = $_GET['password']==$super_password; > endif; > > if ($super_user): > // sensitive admin stuff > endif; -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
