Newbie question on superglobal variables
Posted: Tue Nov 11, 2003 1:48 pm
Newbie here trying to learn the basics. Three questions...
Question #1
I understand there is a security issue with register_globals and the solution is to use superglobals such as $_POST['name'].
Since that's a handful to type each time I use that variable, I was wondering if there's any security risk to using the following:
Code:
$name = $_POST['name'];
I figure this conversion back to a regular (?) variable would save me some time and trouble as I continue to use the variable $name throughout a page.
Question #2
The manner in which superglobals increase security escapes me. I've read about someone guessing the variable name, setting it to TRUE, and bypassing the security of your pages. How, exactly, does using $_POST['name'] provide security for guessing variable names when $name doesn't?
Question #3
In MySQL, a single database can hold a very large number of tables. What are the trade-offs of using separate databases with individual tables versus using several tables on a single database? Speed, security? I'm just looking for a general answer here.
Thanks to those who are sure to help out here. This forum has been one of the best I've ever joined.
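The variable-guessing scenario from Question #2 and the copy-to-local pattern from Question #1, as an added example that is not code from the original post. `extract()` stands in for `register_globals` (removed in PHP 5.4), and `check_login()`, the field names and the sample request are hypothetical.

```php
<?php
// Added illustration, not code from the original post.
// register_globals no longer exists, so its effect is emulated with
// extract(), which copies every request key into a local variable.

// Hypothetical credential check; it fails for the constructed request below.
function check_login(array $post): bool
{
    return ($post['password'] ?? '') === 'constructed-secret';
}

// Style 1: behaves like a page written for register_globals = On.
function page_with_register_globals(array $request): string
{
    extract($request);              // every request key becomes a variable
    if (check_login($request)) {
        $authorized = true;
    }
    // $authorized is never initialised by the script, so a request field
    // with the same name supplies its value.
    return !empty($authorized) ? 'secret page' : 'denied';
}

// Style 2: request data stays in the array (as with $_POST) and the
// flag is initialised by the script itself.
function page_with_superglobals(array $post): string
{
    $authorized = false;
    if (check_login($post)) {
        $authorized = true;
    }
    // Copying one field to a short local name does not reintroduce the
    // problem, but $name is still user input: validate and escape it.
    $name = $post['name'] ?? '';
    $safeName = htmlspecialchars($name, ENT_QUOTES, 'UTF-8');
    return $authorized ? "secret page for $safeName" : 'denied';
}

// Constructed request: no valid password, but an extra "authorized" field.
$request = ['name' => 'bob', 'authorized' => '1'];

echo page_with_register_globals($request), "\n";
echo page_with_superglobals($request), "\n";
```

The difference is which variables the request can create: with the array, user input can only ever appear under keys the script chooses to read.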