Should I change $_REQUEST to $_POST
Posted
by Scarface
on Stack Overflow
See other posts from Stack Overflow
or by Scarface
Published on 2010-06-07T06:23:46Z
Indexed on
2010/06/07
6:32 UTC
Read the original article
Hit count: 162
Hey guys quick question, I have a checkbox system where a list of items can be checked and deleted on the click of a button. I currently use request and it does the job but I was wondering if $_REQUEST was some sort of security risk or improper. If anyone has any advice I would appreciate it. Should I change to $_POST? If so, what is the best way to go about it?
foreach ($_REQUEST as $key=>$value) {
if (substr($key,0,3)==="img") {
$id = substr($key,3);
if(isset($_REQUEST['Delete'])) {
$sql = 'SELECT file_name,username FROM images WHERE id=?';
$stmt = $conn->prepare($sql);
$result=$stmt->execute(array($id));
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$image=$row['file_name'];
$user=$row['username'];
$myFile = "$user/images/$image";
unlink($myFile);
}
<input id=\"img".$id."\" name=\"img".$id."\" type=\"checkbox\">
© Stack Overflow or respective owner