Regarding GET, sorry for the confusion: I guess I was just warning against using GET to alter stored data. Shouldn't be done. For example, a text link used to add, update, or delete data in a database is not a good idea. For retrieving data (i.e., serving web pages, search functions), GET is often more or less necessary and sufficient as long as its contents are sanitized.
Regarding the security guidelines I was seeking: What I might end up doing here is taking it upon myself to amass an "ultimate" coding checklist, since I can't seem to find everything I need in one place. After I put it all together, or as I put it together, I can incorporate the list into this post. Then I can email a forum admin and request that this post (or a derivation of this post) be made into a sticky. In the future, as new coding techniques emerge (or if I just missed something), any members of this forum can add to the list to keep the list current. Sound like a good idea?
Last edited by chump2877; 09-11-2009 at 10:05 PM.
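The point about GET in the post above, as an added example that is not part of the original post: a small Python WSGI app in which reads are served on GET, the delete action is accepted only on POST, and the `id` parameter is validated before use. The names `ITEMS`, `ROUTES`, `app` and `request` are hypothetical, and the data is constructed.

```python
import io
from urllib.parse import parse_qs

ITEMS = {1: "first post", 2: "second post"}  # constructed stand-in for a database table

def view_item(item_id):
    return ITEMS.get(item_id, "not found")

def delete_item(item_id):
    ITEMS.pop(item_id, None)
    return "deleted"

# Each path lists the only methods it accepts: reads on GET, changes on POST.
ROUTES = {"/view": {"GET": view_item}, "/delete": {"POST": delete_item}}

def app(environ, start_response):
    method, handlers = environ["REQUEST_METHOD"], ROUTES.get(environ["PATH_INFO"])
    headers = [("Content-Type", "text/plain")]
    if handlers is None:
        status, body = "404 Not Found", "no such page"
    elif method not in handlers:
        # A text link (a GET request) to /delete ends up here and changes nothing.
        status, body = "405 Method Not Allowed", "use " + ", ".join(handlers)
        headers.append(("Allow", ", ".join(handlers)))
    else:
        if method == "GET":
            raw = environ.get("QUERY_STRING", "")
        else:
            size = int(environ.get("CONTENT_LENGTH") or 0)
            raw = environ["wsgi.input"].read(size).decode("ascii", "replace")
        value = parse_qs(raw).get("id", [""])[0]
        # Sanitize: accept only plain ASCII digits before touching stored data.
        if value.isascii() and value.isdigit():
            status, body = "200 OK", handlers[method](int(value))
        else:
            status, body = "400 Bad Request", "id must be a number"
    start_response(status, headers)
    return [body.encode()]

def request(method, path, query="", form=""):
    """Drive the app in-process (no network) and return (status, body)."""
    seen = {}
    environ = {"REQUEST_METHOD": method, "PATH_INFO": path, "QUERY_STRING": query,
               "CONTENT_LENGTH": str(len(form)), "wsgi.input": io.BytesIO(form.encode())}
    chunks = app(environ, lambda status, headers: seen.update(status=status))
    return seen["status"], b"".join(chunks).decode()
```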