What is safer way to send data - in $_GET or curl headers?

Ask about general coding issues or problems here.

Moderators: egami, macek, gesf

Post Reply
seandisanti
php-forum Fan User
php-forum Fan User
Posts: 973
Joined: Mon Oct 01, 2012 12:32 pm

Thu Mar 21, 2013 3:38 pm

You can never assume any method is 'safe' but think about it, with GET variables, the variable name and value are both openly displayed in the address bar. at least using POST you make them work for it a little bit. You can also verify the referer, etc to prevent cross site scripting, and make sure that fields can't be changed etc. It's impossible to prevent every possible way that form data can be abused, but $_REQUEST should never be used, and $_GET should only be used when you're sure the data can't be misused.

johnj
php-forum Super User
php-forum Super User
Posts: 1803
Joined: Thu Mar 10, 2011 5:07 pm

Thu Mar 21, 2013 9:26 pm

Between $_GET and curl header, curl header is better "in this case".

User avatar
egami
php-forum GURU
php-forum GURU
Posts: 2192
Joined: Wed Oct 06, 2010 11:19 am
Location: Happy Valley, UT

Fri Mar 22, 2013 12:24 pm

I would use cURL & the HTML POST feature, over HTTPS.


Just my $.02

Post Reply
  • Information
  • Who is online

    Users browsing this forum: No registered users and 4 guests