Possible OT php form processing..

Aaron Konstam akonstam at sbcglobal.net
Fri Mar 8 20:50:30 UTC 2013


On Fri, 2013-03-08 at 16:36 +0100, Reindl Harald wrote:
> 
> Am 08.03.2013 16:32, schrieb Aaron Konstam:
> > I don't know whether its my ignorance but I am having a problem wit form
> > processing through php. I wish some help. Small example below:
> > 
> > 	form.html        ---------
> > <html>
> > <body>
> > <h1> Welcome to ABC Web Page </h1>
> > <form action="formscripts/processForm.php" method="GET">
> > Enter Your Name: 
> > <Input type="text" name="username"><br>
> > Where do you live?
> > <input type="text" name="region"><b>
> > <INPUT type="SUBMIT" name="submit" value="submit order" >
> > </form>
> > </body>
> > </html>
> > 
> >         processForm.php
> >         ----------------
> > <html>
> > <body>
> >  <h3> Your form is being processed </h3>
> > <?php
> > print "Your name $username <br>";
> > print "you live iin region: $region";
> > ?>
> > </body>
> > </html>
> > 
> > When I run form.html and click the submit , processForm.php is run but
> > $username and $region is not transferred. Why is that?
> 
> oh my god
> 
> * register_globals is dead since years
> * echo unsanitized user input is pure XSS
> * unedfined variables are unsexy
> * method GET form forms is bad and insecure for passwords due history
> 

I appreciate the replies. I especially  appreciated no one replying by
saying, you idiot , what you are trying to do has been obsolete for 10
years. Well you ask, and you learn.
-- 
=======================================================================
I have become me without my consent.
=======================================================================
Aaron Konstam telephone: (210) 656-0355 e-mail: akonstam at sbcglobal.net



More information about the users mailing list