Christopher Blöcker wrote:
This might not be relevant for this forum, so if not please direct me
to the proper one; although I do like to keep my email list
I have a custom application in PHP in which a user fills out a form of
information. When the user submits, I perform sanity checking on the
user's submitted data and refuse to actually process/insert it if
those checks fail. However, my users are complaining that when they
press back to correct, all the data is gone from the form and they
have to re-enter it all. I know many websites that can retain the form
data when someone presses back; how is this done?
Ok, an input field might be something like <input type='text'
name='username' size='8' maxlength='32'> --> the submitted variable would
be stored in $_POST["username"] (or $_GET["username"] depending on what
method you use to submit it)
*At least* use htmlentities or htmlspecialchars to stop XSS attacks.
If I put:
as my username, and that alerts 'x', then I can steal cookies from your
computer and other bits of info as well.
Postgresql & php tutorials
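
One way to combine the two points in this thread, as an added example that is not code from any of the posters: the script re-renders the form with the submitted value when validation fails, and escapes that value before it goes back into the page. The `username` field and its limits come from the thread; the helper name e(), the character rule and the redirect target are assumptions.

```php
<?php
// Added example: a form that keeps its data after failed validation.
// Assumptions: helper name e(), the allowed-character rule, /thanks.php.
declare(strict_types=1);

/** Escape a value for HTML text or a quoted attribute. */
function e(string $value): string
{
    // ENT_QUOTES matters: the form below uses single-quoted attributes,
    // and before PHP 8.1 the default flags left ' unescaped.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

$username = '';
$errors   = [];

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    // username[]=x arrives as an array, so accept strings only.
    $raw      = $_POST['username'] ?? '';
    $username = is_string($raw) ? trim($raw) : '';

    if ($username === '' || strlen($username) > 32) {
        $errors[] = 'Username must be between 1 and 32 characters.';
    } elseif (!preg_match('/^[A-Za-z0-9_.-]+$/', $username)) {
        $errors[] = 'Username may contain only letters, digits, "_", "." and "-".';
    }

    if (!$errors) {
        // Process/insert here with a parameterized query, then redirect
        // so that a reload does not resubmit the form.
        header('Location: /thanks.php'); // hypothetical target
        exit;
    }
    // On failure, fall through and render the form again with $username.
}
?>
<form method='post' action=''>
<?php foreach ($errors as $msg): ?>
  <p class='error'><?= e($msg) ?></p>
<?php endforeach; ?>
  <input type='text' name='username' size='8' maxlength='32'
         value='<?= e($username) ?>'>
  <input type='submit' value='Send'>
</form>
```

Because the same script both validates and renders, the user never has to press back: the form comes back filled in, with the error shown above it.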
PHP Database Mailing List (http://www.php.net/)