Variable Visions



tutorials - PHP and Web-Development.

htmlentities protects your self-processing form from malicious XSS injections

Published Sat. Sep. 01, 2012


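Compare the two form tags below. The first echoes $_SERVER['PHP_SELF'] into the action attribute unescaped; the second passes it through htmlentities() first:

<form name="form_name" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">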

 

<form name="form_name" action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" method="POST">
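
As an added example (not code from the original article), the script below renders both tags for a constructed PHP_SELF value and parses the result to check whether the value stayed inside the action attribute. PHP_SELF includes any path info appended after the script name in the requested URL, so its content is request-controlled; the function names, the sample path /contact.php and the sample markup are assumptions made for the illustration.

```php
<?php
// Added illustration; function names and sample values are assumptions.
// Requires the DOM extension (ext-dom).

// First tag from the article: PHP_SELF written into the attribute as-is.
function form_tag_raw(string $phpSelf): string
{
    return '<form name="form_name" action="' . $phpSelf . '" method="POST">';
}

// Second tag from the article: PHP_SELF passed through htmlentities().
// Flags and charset are explicit so the result does not depend on the
// defaults of the PHP version in use.
function form_tag_escaped(string $phpSelf): string
{
    return '<form name="form_name" action="'
        . htmlentities($phpSelf, ENT_QUOTES, 'UTF-8') . '" method="POST">';
}

// Parse the markup with PHP's DOM HTML parser and report what it contains:
// the decoded action attribute and every element other than <form>.
function inspect_form(string $html): array
{
    libxml_use_internal_errors(true); // malformed input is expected here
    $doc = new DOMDocument();
    $doc->loadHTML($html);
    libxml_clear_errors();
    $form = $doc->getElementsByTagName('form')->item(0);
    $extra = [];
    foreach ($doc->getElementsByTagName('*') as $el) {
        if (!in_array($el->nodeName, ['html', 'head', 'body', 'form'], true)) {
            $extra[] = $el->nodeName;
        }
    }
    return ['action' => $form ? $form->getAttribute('action') : null, 'extra' => $extra];
}

// Constructed PHP_SELF values: a normal request, and one whose path info
// (the part after the script name) carries a quote and markup.
$samples = ['/contact.php', '/contact.php/"><em>injected</em>'];

foreach ($samples as $phpSelf) {
    foreach (['raw' => 'form_tag_raw', 'escaped' => 'form_tag_escaped'] as $label => $render) {
        $seen = inspect_form($render($phpSelf));
        printf("%-8s %-36s contained=%s extra=[%s]\n", $label, $phpSelf,
            $seen['action'] === $phpSelf ? 'yes' : 'NO', implode(',', $seen['extra']));
    }
}
```

Before PHP 8.1 the default flag for htmlentities() was ENT_COMPAT, which escapes double quotes but not single quotes, so a single-quoted attribute needs ENT_QUOTES passed explicitly on those versions.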


Tag(s): htmlentities, XSS