|
Posted by Jonathan N. Little on 06/06/07 18:45
Erwin Moller wrote:
> Iván Sánchez Ortega wrote:
>
>> Erwin Moller wrote:
>>
>>> I never understood why people want to use PHP_SELF.
>> Portability.
>
> Right, I see your point.
> Comes in handy when using general form-generating routines and the like. ;-)
I would advise:
// prevent some wiseass XSS insertion
$sanitized=htmlentities($_SERVER['PHP_SELF']);
<form action="<?php echo $sanitized; ?>" method="post">
--
Take care,
Jonathan
-------------------
LITTLE WORKS STUDIO
http://www.LittleWorksStudio.com
[Back to original message]
|