Randell D. wrote:
I found my accident that I could change the value of $_POST thus I was
thinking it would be better usage of memory (and therefore overall
performance) if instead of having duplicate data that I instead have the
cleaned data returned to $_POST.
I recommend doing this, especially when you're working on a project with
other programmers who might not be so diligent about variable cleaning.
I work on a CMS project and we clean all user-generated variables right
at the start, because we know that some 3rd party module developers are
too lazy to bother, thus breaking security for the whole system.
Jochen
--
/**
* @author Jochen Buennagel <zang at buennagel dot com>
*/