Is Super Global use obsolete and insecure?

1

I wonder if Using Super Global is obsolete and insecure in PHP, and why this statement.

Now we have filter_input and I have this doubt.

    
asked by anonymous 12.11.2017 / 03:22

1 answer

3

No, using superglobals is not obsolete or insecure. What is obsolete and insecure is linking to register_globals directive, which creates global variables based on superglobals. For example, $_POST['bla'] also exists as $bla .

Now, the data that exists in these variables are often (1) sensitive - it may be best to avoid storing - or (2) malicious - and then enter filter_input , among other measures, to ensure that input data be safe. What you have in superglobals is the "pure" input data, it is up to your application to treat them in a secure way.

    
12.11.2017 / 03:50