[FX.php List] This is doing my head in...

DC dan.cynosure at dbmscan.com
Mon Nov 26 10:03:31 MST 2007


do you have any checkboxes? sometimes those can be sent to PHP via 
arrays if the HTML defines the id or name with square brackets. at least 
that's what your error says - string expected, but array gotten.

GL,
dan

Steve Winter had written:
> A typically cryptic, completely off the point, ggt post ;-)
> 
> As I understand it, the theory of it is that it means that pages which
> require data to be posted, and are therefore capable of making changes to a
> database are more easily able to be 'hacked' if they use _REQUEST, since it
> means that someone could look at the source of your html page, determine
> variables about your database, then use a get command to 'attack' your
> database, or some such thing of that kind...
> 
> In the case of that code, it's totally irrelevant, as the user has to have
> already logged in to get anywhere that code, they will never be able to
> determine its name from the web, since it's a page which is included by a
> page which in turn was included previously, based on a series of 'upstream
> decisions'...
> 
> And for the record, the problem still persists, so if anyone can see any
> reason why code that will behave correctly when accessed once round all of a
> sudden 'flips out' when it's used a short time later...
> 
> Thanks
> Steve
> 
> -----Original Message-----
> From: fx.php_list-bounces at mail.iviking.org
> [mailto:fx.php_list-bounces at mail.iviking.org] On Behalf Of Dale Bengston
> Sent: Sunday, 25 November 2007 5:12 p.m.
> To: FX.php Discussion List
> Subject: Re: [FX.php List] This is doing my head in...
> 
> Why not?
> 
> Dale
> 
> On Nov 25, 2007, at 3:21 AM, Gjermund Gusland Thorsen wrote:
> 
>> Never use _REQUEST, use _POST or _GET
> 
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list
> 
> No virus found in this incoming message.
> Checked by AVG Free Edition. 
> Version: 7.5.503 / Virus Database: 269.16.6/1150 - Release Date: 24/11/2007
> 5:58 p.m.
>  
> 
> No virus found in this outgoing message.
> Checked by AVG Free Edition. 
> Version: 7.5.503 / Virus Database: 269.16.6/1150 - Release Date: 24/11/2007
> 5:58 p.m.
>  
> 
> 
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list
> 


More information about the FX.php_List mailing list