Im fairly new to php - and Im currently working on an academic project regarding security - my main question is why is POST form data unsecure - I can understand that GET data can be easily appended to the URL, but with POST doesnt it have to come in the POST array, and therefore can only arrive via a form - and why do we need to validate data in forms for security reasons - I can understand the convenience issues, but not really the security ones.
Any comments will be appreciated
thanks
Andrew
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi Everyone,
Im fairly new to php - and Im currently working on an academic project regarding security - my main question is why is POST form data unsecure - I can understand that GET data can be easily appended to the URL, but with POST doesnt it have to come in the POST array, and therefore can only arrive via a form - and why do we need to validate data in forms for security reasons - I can understand the convenience issues, but not really the security ones.
Any comments will be appreciated
thanks
Andrew