From 9b43918fe89054c91b5d3d31e338b3ca9800777a Mon Sep 17 00:00:00 2001
From: thepurpleblob <thepurpleblob>
Date: Wed, 6 Jul 2005 05:27:00 +0000
Subject: [PATCH] Ahem - data_submitted() remark, now considerably toned down
 in line with Petr Skoda's (actual) recommendation.

---
 lang/en/docs/coding.html | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/lang/en/docs/coding.html b/lang/en/docs/coding.html
index fe37f7407..a58cecc7b 100755
--- a/lang/en/docs/coding.html
+++ b/lang/en/docs/coding.html
@@ -232,8 +232,7 @@ GOOD: $assignments (for an array of objects)<br />
     value for a variable, use the <code>set_default()</code> function.</li>
   <li class="spaced">Do not use the <code>require_variable()</code> function. Use the <code>required_param()</code>
     function instead. Pick the correct PARAM_XXXX value for the data type you expect.</li>
-  <li class="spaced">Do not use <code>data_submitted()</code>, if possible, as this bypasses the data cleaning
-    functions of <code>required_param()</code> and <code>optional_param()</code>.
+  <li class="spaced">Use <code>data_submitted()</code>, with care. Data must still be cleaned before use.</li>
   <li class="spaced">Do not use <code>$_GET</code>, <code>$_POST</code> or <code>$_REQUEST</code>. Use the
     appropriate <code>required_param()</code> or <code>optional_param()</code> appropriate to your need.</li>
   <li class="spaced">Do not check for an action using something like <code>if (isset($_GET['something']))</code>. 
-- 
2.11.4.GIT