Since I started programming with PHP I’ve used several ways to check if a form was sent via the
POST method. This is useful when the same method of control (or the same script, if you’re using structured programming or not using the MVC model) handle the form presentation and also its submission.
I used three ways, in chronological order, to do this: Continue reading “Checking if a form was sent via POST method”
DISCLAIMER: This post is really old. There are better ways to prevent XSS injection nowadays.
I’m using the following snippet to avoid XSS injection through forms. It’s simple. I’ve already seen some more advanced techniques to do this, but for some cases, it’s enough.
If you have form fields that allow HTML tags, you probably want to ignore (or at least filter) its content. Continue reading “Simple PHP XSS injection preventer”