doubledee Posted August 23, 2011 Share Posted August 23, 2011 It has been brought to my attention that $_SERVER['PHP_SELF']; can be easily hacked. In this code... <form id="login" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> Do I even need anything in the Action attribute if I am redirecting the form to itself?! Please advise... Debbie Quote Link to comment https://forums.phpfreaks.com/topic/245515-need-help-rewriting-action-attribute-in-form-tag/ Share on other sites More sharing options...
doddsey_65 Posted August 23, 2011 Share Posted August 23, 2011 if you are processing the data on the same page as the form then you could just use action="" Quote Link to comment https://forums.phpfreaks.com/topic/245515-need-help-rewriting-action-attribute-in-form-tag/#findComment-1261022 Share on other sites More sharing options...
doubledee Posted August 23, 2011 Author Share Posted August 23, 2011 if you are processing the data on the same page as the form then you could just use action="" Okay, thanks! Debbie Quote Link to comment https://forums.phpfreaks.com/topic/245515-need-help-rewriting-action-attribute-in-form-tag/#findComment-1261032 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.