Possible Duplicate:
Does $_REQUEST have security problem?
Does anyone have verifiable citations on this? What would be the roundabouts for the security holes?
Asked
Active
Viewed 194 times
0
Community
- 1
- 1
Rojas Azules
- 135
- 1
- 4
-
Because it [combines](http://php.net/manual/en/reserved.variables.request.php) the contents of `$_GET`, `$_POST` and `$_COOKIE`. – KV Prajapati Sep 15 '12 at 07:32
1 Answers
0
Here is a small post that you can read about why:
http://devlog.info/2010/02/04/why-php-request-array-is-dangerous/
From that page:
Question: Why is $_REQUEST insecure?
Answer: Because it combines COOKIE as well as GET and POST, and the COOKIE data always takes precedence creating the possibility for dangerous "sticky" variables.
Night2
- 1,168
- 9
- 18