Re: Re: RewriteRules


 



On Tue, Jan 13, 2009 at 1:14 PM, Jason Pruim <japruim@xxxxxxxxxx> wrote:
>
> On Jan 13, 2009, at 9:46 AM, Ashley Sheridan wrote:
>
>> On Tue, 2009-01-13 at 09:33 -0500, tedd wrote:
>>>
>>> At 2:33 PM +0000 1/13/09, Ashley Sheridan wrote:
>>>>
>>>> On Tue, 2009-01-13 at 09:20 -0500, tedd wrote:
>>>>>
>>>>>  Jason:
>>>>>
>>>>>  In addition to what everyone else has said, try this:
>>>>>
>>>>>  $self = basename($_SERVER['SCRIPT_NAME']);
>>>>>
>>>>>  I use it for forms -- you might find it useful.
>>>>>
>>>>>  Cheers,
>>>>>
>>>>>  tedd
>>>>>  --
>>>>>  -------
>>>>>  http://sperling.com  http://ancientstones.com  http://earthstones.com
>>>>>
>>>> No need to use it on forms, as leaving the action attribute empty means
>>>> the form sends to itself anyway.
>>>>
>>>> Ash
>>>
>>>
>>> Ash:
>>>
>>> That's what I've said for years, but (I think it was on this list,
>>> but too lazy to look) there was a concern that some browsers may not
>>> follow that default behavior.
>>>
>>> However, using what I provided will work regardless.
>>>
>>> Cheers,
>>>
>>> tedd
>>>
>>> --
>>> -------
>>> http://sperling.com  http://ancientstones.com  http://earthstones.com
>>>
>> I've not yet seen a browser that doesn't do this, and it's pretty old
>> HTML really, so I don't see a reason why any new browsers wouldn't
>> incorporate it.
>
> I prefer to be specific in my programming :)
>
> What I typically do with self submitting forms is:
> <?PHP
> $self = $_SERVER['PHP_SELF'];
>
>
> echo <<<HTML
>        <form method="post" action="{$self}">
> ...
>
> </form>
> HTML;
> ?>
>
> But to each his (Or her) own right?
>
>
> --
> Jason Pruim
> japruim@xxxxxxxxxx
> 616.399.2355
>
>
>
>

You know that's asking for xss, right?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
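
The XSS concern raised in the last reply, as an added example that is not part of the original thread: $_SERVER['PHP_SELF'] includes any extra path the client appends after the script name, so echoing it unescaped into the action attribute lets request data break out of the attribute. The function names and the sample request values below are constructed for illustration, and the code assumes PHP 7 or later.

```php
<?php
// Added example, not code from the thread. Request values are constructed.

/** Pattern from the quoted message: PHP_SELF placed in the attribute unescaped. */
function form_open_unsafe(array $server): string
{
    return '<form method="post" action="' . $server['PHP_SELF'] . '">';
}

/** Hardened: SCRIPT_NAME carries no client-supplied path info, and the value
 *  is HTML-encoded for a double-quoted attribute context anyway. */
function form_open_safe(array $server): string
{
    $action = htmlspecialchars($server['SCRIPT_NAME'], ENT_QUOTES, 'UTF-8');
    return '<form method="post" action="' . $action . '">';
}

/** If PHP_SELF has to be kept, encoding it closes the attribute breakout. */
function form_open_encoded_self(array $server): string
{
    $action = htmlspecialchars($server['PHP_SELF'], ENT_QUOTES, 'UTF-8');
    return '<form method="post" action="' . $action . '">';
}

// Constructed request for: /form.php/"><b>injected</b>
// PHP appends the trailing path info to PHP_SELF but not to SCRIPT_NAME.
$server = [
    'SCRIPT_NAME' => '/form.php',
    'PHP_SELF'    => '/form.php/"><b>injected</b>',
];

// Unsafe: the quote ends the attribute and the markup lands in the page.
echo form_open_unsafe($server), PHP_EOL;

// Safe: action is just /form.php.
echo form_open_safe($server), PHP_EOL;

// Encoded PHP_SELF: the quote and angle brackets become &quot; &lt; &gt;.
echo form_open_encoded_self($server), PHP_EOL;

// Simple self-check: no raw markup survives in either hardened variant.
foreach ([form_open_safe($server), form_open_encoded_self($server)] as $html) {
    if (strpos($html, '<b>') !== false) {
        throw new RuntimeException('unescaped markup in form action');
    }
}
```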

