|
Hey panther,
I just read this about using the extract() function:
Quoted from php.net from their Warning Box
"Do not use extract() on untrusted data, like user-input ($_GET, ...). If you do, for example, if you want to run old code that relies on register_globals temporarily, make sure you use one of the non-overwriting extract_type values such as EXTR_SKIP and be aware that you should extract $_SERVER, $_SESSION, $_COOKIE, $_POST and $_GET in that order."
You ever run into any thing like that?
IcI
|