Skittlewidth wrote:Why are you sending the data as a query string if the form method is post? Is this intentional?
It's not a good idea to do that anyway. Some browsers will drop the query string when trying to send data via GET and POST simultaneously. Search the forums, you should find a thread about it somewhere.
Also, saqib389, it's difficult to provide any help without any code to work with. Please post what your login.php file looks like.
In addition to what mickd said about the ampersand, the action="" parameter requires quotes. Although some browsers will work anyhow if you forget them, but if you happen to have non url-encoded characters in it (which you should have escaped anyway), then your page may not work properly on some browsers.
Here's a better example of what your form should look like:
<form action="request.php?username=<?= urlencode($_REQUEST['username']) ?>&email=<?= urlencode($_POST['email']) ?>" method="post" >
<!-- Some form stuff in here... -->
</form>
What I also noticed in your code was <?= "bla"
; ?> using the semicolon. That'll give you a parsing error, since in <?=?> tags this gets dropped.
Another thing: Try to avoid $_REQUEST. It's an open invitation to crackers and script kiddies. It's a security vulnerability, because it includes all request objects; ie: GET, POST, and COOKIE.