[nycphp-talk] Holiday Greetings to Everyone...
Chris Shiflett
shiflett at php.net
Wed Dec 27 23:11:46 EST 2006
Hi Joseph,

> do you suggest hardcoding the filenames even when referencing the
> same file that is executing?

That's what I do, yes, but regardless, blind trust isn't a good idea
regarding any data that can be influenced by or provided by a third party.

If you anticipate needing to change names/URLs/whatever in the future,
you can restrict $_SERVER['PHP_SELF'] to a particular naming convention
or a finite set of valid values.

(I suffer from URL vanity, so I rarely encounter this problem. Others
might have better suggestions.)

Chris
--
Chris Shiflett
http://shiflett.org/
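
The two restrictions mentioned in the message above (a finite set of valid values, or a naming convention), sketched as an added example that is not part of the original post. The allowlist entries, the pattern, the fallback path and the function names are all hypothetical.

```php
<?php
declare(strict_types=1);

// Hypothetical finite set of valid values for this application.
const VALID_SELF = ['/index.php', '/contact.php', '/account/profile.php'];

// Hypothetical naming convention: lowercase path segments, ending in ".php",
// with nothing allowed after the script name.
const SELF_PATTERN = '#\A(?:/[a-z0-9_-]+)+\.php\z#';

// Return $self only if it is one of the known-good values.
function self_from_allowlist(string $self, string $fallback): string
{
    return in_array($self, VALID_SELF, true) ? $self : $fallback;
}

// Return $self only if it fits the naming convention.
function self_from_convention(string $self, string $fallback): string
{
    return preg_match(SELF_PATTERN, $self) === 1 ? $self : $fallback;
}

// Constructed sample values standing in for $_SERVER['PHP_SELF'].
$samples = [
    '/contact.php',                    // known script
    '/contact.php/appended/by/client', // trailing path info supplied in the request
    '/reports/summary.php',            // fits the convention, not in the finite set
];

foreach ($samples as $self) {
    $byList = self_from_allowlist($self, '/index.php');
    $byRule = self_from_convention($self, '/index.php');

    // Escape at output time as well; validation does not replace escaping.
    printf(
        "%-33s allowlist=%-13s convention=%s\n",
        $self,
        htmlspecialchars($byList, ENT_QUOTES, 'UTF-8'),
        htmlspecialchars($byRule, ENT_QUOTES, 'UTF-8')
    );
}
```

The finite set is the stricter of the two: a value that merely fits the convention, such as the third sample, still falls back to the hardcoded default.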