Is putting $_GET in headers safe? (PHP)

Posted by ggfan on Stack Overflow See other posts from Stack Overflow or by ggfan
Published on 2010-05-08T17:57:37Z Indexed on 2010/05/08 18:08 UTC
Read the original article Hit count: 151

Filed under:

In my profile.php script, I have a flag function that allows users to flag that user.

If they flag a user, it sends data (user_id, reason, etc) to a file called flag.php which does all the banning and stuff. The data is sent to flag.php through

header("Location: flag.php?user_id=___&reason=___")

Then in flag.php, after it does all the banning, it redirects the user back to the profile through another header. The user never sees the flag.php.

Is my flag.php safe? because they never see the script?

© Stack Overflow or respective owner

Related posts about php