At 2:22 AM -0800 12/24/09, Allen McCabe wrote:
Tedd,
If you are using a post method using $_SERVER['PHP_SELF'], then
values are present in the POST array, hence, you would write your
html with interspersed php like so:
<input type="text" name="username" value="<?php if
(isset($_POST['username'])) echo $_POST['username'] ?>"
id="username" />
No, I wouldn't do it that way.
First, a "post method using $_SERVER['PHP_SELF']" is the same as
action="". A form by default, defaults to itself and thus no need for
$_SERVER['PHP_SELF'].
Second, I seldom use any POST variable without sanitizing it first.
As such, my <input> statements always look like --
<input type="text" name="user_name" value="<?php echo($user_name); ?>" >
-- where the variable $user_name has been"sanitized" in some fashion
(i.e., trim, limit length, etc.).
I think that is easier to read and debug. Also, if I am using a
javascript routine (as mentioned in the OP), then I add '
id="user_name" '
Cheers and Merry Christmas.
tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
