ONJava.com -- The Independent Source for Enterprise Java
Article:
  User-Friendly Form Validation with PHP and CSS
Subject:   $_SERVER['PHP_SELF']?
Date:   2009-05-17 21:56:17
From:   Shubhamoy
Response to: $_SERVER['PHP_SELF']?

Hi,


We should avoid using $_SERVER['PHP_SELF']; instead, htmlentities($_SERVER['PHP_SELF']) should be preferred. This will block the XSS hack. For more information, read this: http://www.html-form-guide.com/php-form/php-form-action-self.html


BR,
Shubhamoy
http://shubhamoy.com/blog
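
The difference described in the comment above, as an added example that is not part of the original comment or the article's code. The sample value and the helper names (`form_open_raw`, `form_open_escaped`, `stays_in_attribute`) are hypothetical; run it from the command line with `php`.

```php
<?php
// Constructed sample value: what PHP_SELF can look like when extra path
// text containing markup characters follows the script name in the URL.
$sample = '/form.php/"><b data-x=\'1\'>injected</b>';

// Unescaped: the raw value is written straight into the action attribute.
function form_open_raw(string $self): string
{
    return '<form method="post" action="' . $self . '">';
}

// Escaped: encode the value for an HTML attribute context before output.
// ENT_QUOTES also encodes single quotes; the charset is stated explicitly.
function form_open_escaped(string $self): string
{
    $safe = htmlentities($self, ENT_QUOTES, 'UTF-8');
    return '<form method="post" action="' . $safe . '">';
}

// Check for this example only: the output must contain exactly one tag
// opener and exactly the four double quotes that the template itself wrote.
function stays_in_attribute(string $html): bool
{
    return substr_count($html, '<') === 1
        && substr_count($html, '"') === 4;
}

foreach (['raw' => 'form_open_raw', 'escaped' => 'form_open_escaped'] as $label => $fn) {
    $html = $fn($sample);
    printf(
        "%-8s %s\n         value stays inside the attribute: %s\n",
        $label . ':',
        $html,
        stays_in_attribute($html) ? 'yes' : 'no'
    );
}
```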