API, $_Request and security
Posted: Fri Jan 15, 2010 10:47 am
An amateur coder who was looking at the API examples told me that using $_Request was an older coding method,
and he did not think it was safe.
He pointed me to this page, as if it somehow confirmed his statement:
http://php.net/manual/en/reserved.variables.request.php
The only thing I could see there was that is says that $_Request could be modified by remote users and "cannot be trusted".
I'd appreciate some help in placing that into a proper context and understanding whether or not it is an issue, or how much it is a big deal...
Is this going to be an issue if I let other websites interact with my server and update their player's stats and leaderboards etc?
and he did not think it was safe.
He pointed me to this page, as if it somehow confirmed his statement:
http://php.net/manual/en/reserved.variables.request.php
The only thing I could see there was that is says that $_Request could be modified by remote users and "cannot be trusted".
I'd appreciate some help in placing that into a proper context and understanding whether or not it is an issue, or how much it is a big deal...
Is this going to be an issue if I let other websites interact with my server and update their player's stats and leaderboards etc?