Re: [opensuse] PHP Question

John D Lamb escribió:

<form method="post" action="<?php echo $SEVER['PHP_SELF']; ?>">

Sure,and then you get a free security hole. it should say. <form method="post" action="<?php echo $_SERVER['SCRIPT_NAME']; ?>"> or in case you **really** want to use PHP_SELF <form method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']); ?>">