View Single Post
04-17-2009, 08:55 PM
Join Date: Feb 2009
Location: New York
Originally Posted by
Just a little security tip; Remember to escape HTML characters when using $_SERVER['PHP_SELF'], as its not filtered and may contain input that can cause XSS
hmmm, I know how to escape user input with mysql_real_escape function, how do you escape $_SERVER['PHP_SELF']?
Is it with the mysql function too or is there a PHP function?
View Public Profile
Send a private message to allworknoplay
Find More Posts by allworknoplay