Should I change $_REQUEST to $_POST

Posted by Scarface on Stack Overflow See other posts from Stack Overflow or by Scarface
Published on 2010-06-07T06:23:46Z Indexed on 2010/06/07 6:32 UTC
Read the original article Hit count: 162

Filed under:
|

Hey guys quick question, I have a checkbox system where a list of items can be checked and deleted on the click of a button. I currently use request and it does the job but I was wondering if $_REQUEST was some sort of security risk or improper. If anyone has any advice I would appreciate it. Should I change to $_POST? If so, what is the best way to go about it?

 foreach ($_REQUEST as $key=>$value) {
    if (substr($key,0,3)==="img") {
      $id = substr($key,3);
if(isset($_REQUEST['Delete'])) { 

 $sql = 'SELECT file_name,username FROM images WHERE id=?';
$stmt = $conn->prepare($sql);
$result=$stmt->execute(array($id));

while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$image=$row['file_name'];
$user=$row['username'];
$myFile = "$user/images/$image";
unlink($myFile);
}


<input id=\"img".$id."\" name=\"img".$id."\" type=\"checkbox\">

© Stack Overflow or respective owner

Related posts about php

Related posts about mysql