Faking a post variable......is it possible?

Not for 'how-to' coding questions but PHP theory instead, this forum is here for those of us who wish to learn about design aspects of programming with PHP.

Moderator: General Moderators

User avatar
a94060
Forum Regular
Posts: 543
Joined: Fri Feb 10, 2006 4:53 pm

Post by a94060 »

well,im coming here to lean also :lol:
alex.barylski
DevNet Evangelist
Posts: 6267
Joined: Tue Dec 21, 2004 5:00 pm
Location: Winnipeg

Post by alex.barylski »

Naturally dude...we all do regardless of experience...
User avatar
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Post by Chris Corbyn »

Maugrim_The_Reaper wrote:To be honest your application should not care how a user chooses to send input. So long as it filtered effectively they can fake all the POST requests they want... As a quick rule - if a URI on your app does not expect any POST data, then your input filter should simply discard any such data immediately.
I think that hits the nail right on the head. Design your app to "just work" no matter what the user does, or how they choose to interact with it.

I think I can see what you might have been getting at though... in a situation where you're following a front controller pattern and all requests come through the same page, POST data may have a nagtaive impact on certain parts of your app.... but that's only if you're not filtering your input through something like the input filter posted earlier.... there are loads of takes on how to do this filtering too.
Post Reply