How can we avoid my php form from hacking

0 votes
I wanted to know how can i  avoid $_SERVER["PHP_SELF"]  from exploits?
Feb 13, 2020 in PHP by kartik
 • 37,520 points 2,593 views

1 answer to this question.

0 votes

Hii @kartik,

If you want to know php from can led to vulnerability check it out- PHP Form Security

  $_SERVER["PHP_SELF"] exploits can be avoided by using the htmlspecialchars() function.

The form code should look like this:

<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">

The htmlspecialchars() function converts special characters to HTML entities. Now if the user tries to exploit the PHP_SELF variable, it will result in the following output:

<form method="post" action="test_form.php/&quot;&gt;&lt;script&gt;alert('hacked')&lt;/script&gt;">

The exploit attempt fails, and no harm is done!

answered Feb 13, 2020 by Niroj
 • 82,840 points

Related Questions In PHP

0 votes
1 answer

How can we track Google Analytics on a redirection page with PHP?

Hello @kartik, Since the page that is sending ...READ MORE

answered Apr 29, 2020 in PHP by Niroj
 • 82,840 points 1,182 views
0 votes
1 answer

How can I get the classname from a static call in an extended PHP class?

Hello @kartik, __CLASS__ always returns the name of the ...READ MORE

answered Oct 27, 2020 in PHP by Niroj
 • 82,840 points 1,038 views
0 votes
0 answers

How can I store and retrieve images from a MySQL database using PHP?

How can I insert an image in ...READ MORE

Jun 14, 2022 in PHP by narikkadan
 • 63,600 points 486 views
0 votes
0 answers

How can I remove a package from Laravel using PHP Composer?

What is the best way to remove ...READ MORE

Jun 25, 2022 in PHP by narikkadan
 • 63,600 points 545 views
+1 vote
1 answer

What is the relationship between angularjs Scope with controller/view?

Let us consider the below block: <div ng-controller="emp"> ...READ MORE

answered Jan 20, 2020 in Web Development by Niroj
 • 82,840 points
edited Jan 21, 2020 by Niroj 1,144 views
0 votes
1 answer

What is a Cookie? How to create Cookies With PHP?

A cookie is often used to identify ...READ MORE

answered Feb 13, 2020 in PHP by Niroj
 • 82,840 points 3,792 views
0 votes
1 answer

How to shrink Navigation menu or bar on Scroll?

Hey, You can follow the steps below in ...READ MORE

answered Feb 19, 2020 in PHP by varun
 3,780 views
0 votes
1 answer

How to reload or re-render the entire page using AngularJS?

Hello @kartik< For the record, to force angular ...READ MORE

answered Jul 15, 2020 in Node-js by Niroj
 • 82,840 points 5,131 views
0 votes
1 answer

Connection with MySQL server using PHP. How can we do that?

Hey @kartik, You have to provide MySQL hostname, ...READ MORE

answered Mar 27, 2020 in PHP by Niroj
 • 82,840 points 1,295 views
0 votes
2 answers

How can we create a session in PHP?

Hello, niroj. Here is my idea session_start(); $_SESSION['USERNAME'] ...READ MORE

answered Dec 7, 2020 in PHP by Famous
 • 140 points 1,180 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP
"PMP®","PMI®", "PMI-ACP®" and "PMBOK®" are registered marks of the Project Management Institute, Inc. MongoDB®, Mongo and the leaf logo are the registered trademarks of MongoDB, Inc.