So, I encoded a bit (2 years), and I have a very subjective question:
Is it wrong to use $ _REQUEST for data?
This mainly relates to authentication.
If you are thinking of three ways to transfer data to $_REQUEST, it can either be from a cookie, or from a form, or from a query string. Now I know that most people directly grab information from $_POSTor $_GET, using $_COOKIEonly when they expect a cookie.
My theory is that there really shouldn't be any difference in this data, and it shouldn't make any difference if you replaced $_POSTor $_GETby $_REQUEST.
If you authenticate a user to the system, does it really matter if the authentication data is contained in an array $_POSTor $_GET? Damn, it probably doesn't matter if they are in $_COOKIE. They still provide you with login credentials, which you should check for correctness and if they will be logged in.
Now I understand that there are security issues if you are trying to get a login form that sends data through a query string, but I don't think this relates to the question. In addition, if someone fails to log in too many times, appropriate restrictions must be set to avoid server overload.
I would like to express an opinion on this here.
Wiki'd community for a good rating.
, , , StackOverflow, , $_REQUEST
$_GET $_POST $_REQUEST?
$_REQUEST $_GET/$_POST/$_COOKIE?