yes, the same security risk exists in PHP. Many hosts have it turned off in their PHP configuration file, in favor of the safer $_POST (or $HTTP_POST_VARS) and $_GET (or $HTTP_GET_VARS) associate arrays.
Philip
------------------
Limecat is not pleased.
Philip
------------------
Limecat is not pleased.