Tedd's Secure $_POST form
Cut & Paste The Following:
<script type="text/javascript"> alert('Danger Will Robinson!!!');</script>
Cut & Paste The Following:
<script type="text/javascript"> alert('Danger Will Robinson!!!');</script>
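<?php
/*
 * Demo form: echoes a submitted message back into the page body and into the
 * textarea after entity-encoding it, so that pasted markup (such as the sample
 * script element shown under the form) is displayed as text by the browser
 * instead of being interpreted.
 */
include('includes/header.php');

// Report every notice and warning.
// NOTE(review): whether these messages are shown to visitors depends on
// display_errors, which this script does not set; on a public host they
// belong in the log, because error text can reveal file paths.
error_reporting(E_ALL);

// basename() keeps only the file name, so the form posts back to this script.
// The value is written into an HTML attribute below, so it is encoded for
// that context here rather than trusted as-is.
$self = htmlspecialchars(basename($_SERVER['SCRIPT_NAME']), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

echo('<h1>Tedd\'s Secure $_POST form</h1>');

// A request can submit message[] and turn this field into an array; anything
// that is not a string is treated as an empty message instead of being handed
// to the encoder, which would raise an error on a non-string.
$message = (isset($_POST['message']) && is_string($_POST['message'])) ? $_POST['message'] : '';

// Encode for HTML output. The flags and charset are spelled out because the
// defaults differ between PHP versions (single quotes were left unencoded by
// default before PHP 8.1). ENT_SUBSTITUTE replaces invalid byte sequences
// instead of returning an empty string.
// This encoding is only suitable for HTML text and quoted attribute values;
// output into a script block, a URL or a style rule needs its own encoding.
$message = htmlentities($message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>
<?php echo($message);?>
<form action="<?php echo($self);?>" method="POST" >
<table>
<tr>
<td class="right">
Message:
</td>
<td class="left">
<textarea cols=80 rows=6 name="message">
<?php echo($message);?>
</textarea>
</td>
</tr>
</table>
<p>
<input type="submit" name="submit" value="Submit">
</p>
</form>
<p>
Cut &Paste The Following:<br>
<script type="text/javascript"> alert('Danger Will Robinson!!!');</script>
</p>
<form action="form-unsecure.php" method="POST" >
<p>
<input type="submit" name="submit" value="Goto Unsecure Form">
</p>
</form>
<?php
include('includes/footer.php');
?>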