PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Because earlier another variable captures and cleanses the superglobals. I do not wish other developers to bypass the security by directly accessing the superglobals. Nor do I want the developer to even think about trying to pull in values from outside the current scope.
Once I've captured them, eliminating them is the best protection.
doesn't worrk. So it looks like you can only unset them from the script scope. Inside a function ot a class it fails. Passing the array by reference into the killGet also failed. (And yes I already used the foreach unset() workaround)
interesting... there must be some hidden variable passing done in the "background" that would make scope level changes potentially do nothing.. could that technically be a bug, since they aren't write protected?
I'd maybe suggest keeping a copy of the raw input somewhere (if you haven't already). If you show submitted values in a redisplayed form, it's probably more user-friendly to use the exact text which they entered to avoid possible problems such as an error message complaining about an invalid value which has, confusingly, been echo'd back to the form as a valid, filtered value.
I do keep a copy around, however once the Request has "internalized" the superglobals, no other part of the script is allowed to access them. This restriction is only made possible by removing all keys/values from the superglobals.