An alternative... 1. register_globals off
use the command
import_request_variables("PC","_p");
now you can get the variables like user as $p_user.
The get variables will be ignored!
Still, If a user developes a special browser, exclusively to hack, he may be
able to send post variables...
Any comments...Any one ?
Lord Loh
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
