kill url injection when using 'PHP_SELF'


/ Published in: PHP

kill url injection when using 'PHP_SELF' in forms


Copy this code and paste it in your HTML
  1. $_SERVER['PHP_SELF'] = htmlspecialchars($_SERVER['PHP_SELF']);

Report this snippet


Comments

RSS Icon Subscribe to comments

You need to login to post a comment.