can someone show me the right way to do the following...

<a href="<?=$PHP_SELF?action=bigger; ?>">


I want to pass a variable to a self-submitting link.

Thanks,



<a href="<? echo $_SERVER['PHP_SELF'].'?action=bigger';?>">


$PHP_SELF should not be used because it will not work without register_globals being enabled. Rather, you should use $_SERVER['PHP_SELF'] for it as above, however...

Don't forget to check for XSS! Using PHP_SELF you could simply change the URL in the browser to:

/path/to/script.php"><script>alert('hello');</script><b "

so always run htmlspecialchars on PHP_SELF!

<a href="<? echo htmlspecialchars($_SERVER['PHP_SELF']).'?action=bigger';?>">

-Jeff

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Jeffrey Sambells
Director of Research and Development
Zend Certified Engineer (ZCE)

We-Create Inc.
[EMAIL PROTECTED] email
519.745.7374 office
519.897.2552 mobile

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Get Mozilla Firefox at
http://spreadfirefox.com
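
The escaping described in the reply above, as an added example that is not part of the original thread: a hypothetical helper, self_link(), escapes the whole URL (path and query string) for an HTML attribute and is run against a constructed PHP_SELF value matching the edited URL shown above. The helper name, the link label and the sample value are assumptions made for the example.

```php
<?php
// Added example, not code from the thread. self_link() is a hypothetical helper.

/**
 * Build an <a> tag that points back at the current script.
 * The complete URL is escaped for use inside an HTML attribute.
 */
function self_link(string $self, array $params, string $label): string
{
    $url = $self;
    if ($params) {
        // http_build_query() URL-encodes parameter names and values.
        $url .= '?' . http_build_query($params);
    }
    // ENT_QUOTES escapes both " and ', so the value is safe whichever quote
    // style wraps the attribute. It also turns & into &amp; in the query string.
    $href = htmlspecialchars($url, ENT_QUOTES, 'UTF-8');
    $text = htmlspecialchars($label, ENT_QUOTES, 'UTF-8');
    return '<a href="' . $href . '">' . $text . '</a>';
}

// Constructed sample: what PHP_SELF would hold after the URL edit shown in the thread.
$tampered = "/path/to/script.php\"><script>alert('hello');</script><b \"";

// Unescaped concatenation: the injected quote closes the href attribute early
// and the <script> element becomes part of the page markup.
$unsafe = '<a href="' . $tampered . '?action=bigger">';

// Escaped: the same bytes stay inside the attribute value as inert text.
$safe = self_link($tampered, ['action' => 'bigger'], 'Bigger');

echo "unescaped: ", $unsafe, "\n";
echo "escaped:   ", $safe, "\n";

// Check for a regression test: no raw tag opener or quote survives in the
// escaped href. In a page, pass $_SERVER['PHP_SELF'] as the first argument.
$hrefOnly = substr($safe, strlen('<a href="'), strpos($safe, '">') - strlen('<a href="'));
var_dump(strpbrk($hrefOnly, '<>"\'') === false);
```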
