I have a form (method="POST") with a field "name". When I press submit, how should I take the field's content, with $name or with $_POST["name"]. Is there a difference? Which is better/safer?
Technically, $_POST["name"] is safer because someone could hijack the variable from within the url (script.php?name=bad).
Use $_POST["name"]. It's safer, you can always rely on it being there. $name could be over written by another file, or an included file.
Here is a link to some predefined var info: http://www.php.net/manual/en/language.variables.predefined.php
I'd like to add in, if you use the first method, your scripts willl not work once your host upgrades php to php 4.2. I have an article about some of the new changes to expect also.
