> It is a VERY bad idea to accept data via GET that you are going to
> write into your database. Please do not do it, you should only accept
> POST data
Why, by the way? It is no more difficult for a user (web browser, JavaScript, curl, etc.) to send POST data than it is to send GET data. Either you trust the user to supply data to your application or you don't.
--
Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions.
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
No comments:
Post a Comment