Possible OT php form processing..
Reindl Harald
h.reindl at thelounge.net
Fri Mar 8 15:36:56 UTC 2013
Am 08.03.2013 16:32, schrieb Aaron Konstam:
> I don't know whether its my ignorance but I am having a problem wit form
> processing through php. I wish some help. Small example below:
>
> form.html ---------
> <html>
> <body>
> <h1> Welcome to ABC Web Page </h1>
> <form action="formscripts/processForm.php" method="GET">
> Enter Your Name:
> <Input type="text" name="username"><br>
> Where do you live?
> <input type="text" name="region"><b>
> <INPUT type="SUBMIT" name="submit" value="submit order" >
> </form>
> </body>
> </html>
>
> processForm.php
> ----------------
> <html>
> <body>
> <h3> Your form is being processed </h3>
> <?php
> print "Your name $username <br>";
> print "you live iin region: $region";
> ?>
> </body>
> </html>
>
> When I run form.html and click the submit , processForm.php is run but
> $username and $region is not transferred. Why is that?
oh my god
* register_globals is dead since years
* echo unsanitized user input is pure XSS
* unedfined variables are unsexy
* method GET form forms is bad and insecure for passwords due history
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 263 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/users/attachments/20130308/d68659d4/attachment.sig>
More information about the users
mailing list