John D Lamb escribió: > > <form method="post" action="<?php echo $SEVER['PHP_SELF']; ?>"> >
Sure,and then you get a free security hole. it should say. <form method="post" action="<?php echo $_SERVER['SCRIPT_NAME']; ?>"> or in case you **really** want to use PHP_SELF <form method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']); ?>">
signature.asc
Description: OpenPGP digital signature
