Code: Select all
<?php
// set error reporting to strict
ini_set('error_reporting', E_ALL);
ini_set('display_errors', TRUE);
// filter input
$clean = array();
if (ctype_alnum($_POST['username']))
{
$clean['username'] = $_POST['username'];
}
//escape output to html
$html = array();
$html['username'] = htmlentities($clean['username'],ENT_QUOTES, 'UTF-8');
echo "<p>Welcome back, {$html['username']}.</p>";
?>Code: Select all
<?php
// set error reporting to strict
ini_set('error_reporting', E_ALL);
ini_set('display_errors', TRUE);
// filter input
$clean = array();
if (isset($_POST['username']) && ctype_alnum($_POST['username']))
{
$clean['username'] = $_POST['username'];
}
//escape output to html
$html = array();
if(isset($clean['username']))
{
$html['username'] = htmlentities($clean['username'],ENT_QUOTES, 'UTF-8');
echo "<p>Welcome back, {$html['username']}.</p>";
}
?>