PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
//Stage 2 - The Logout
if ($_POST['action'] == "logout")
{
function logout() etc
So I’m not really sure how to approach this as I think that I need to include some sort of Post array in my ‘href’ above but I’m not sure how to go about this or if that is even possible.
Any help would be great
Thanks
Last edited by Benjamin on Sat May 09, 2009 10:04 am, edited 1 time in total.
Reason:Changed code type from text to html, php.
You'll just need to get the information using this instead:
Thanks a mil that was too obvious but I appreciate the help.
If you use $_SERVER['PHP_SELF'] on your form like that, you will be vulnerable to XSS attacks.
Can you give me a little more on this as I'm not sure about this issue. Are you saying if I use this without cleaning any input then it's risky or should I just avoid this at all costs. Usually I will clean the input but I'd appreciate any pointers on this.
Thanks
Addos wrote:Can you give me a little more on this as I'm not sure about this issue. Are you saying if I use this without cleaning any input then it's risky or should I just avoid this at all costs. Usually I will clean the input but I'd appreciate any pointers on this.
Thanks
In that code you are not cleaning anything. If you want to do it without filtering, use $_SERVER['SCRIPT_NAME'].