Checking if a form was sent via POST method

Since I started programming with PHP I’ve used several ways to check if a form was sent via the POST method. This is useful when the same method of control (or the same script, if you’re using structured programming or not using the MVC model) handle the form presentation and also its submission.

I used three ways, in chronological order, to do this: Continue reading “Checking if a form was sent via POST method”

Simple PHP XSS injection preventer

DISCLAIMER: This post is really old. There are better ways to prevent XSS injection nowadays.

I’m using the following snippet to avoid XSS injection through forms. It’s simple. I’ve already seen some more advanced techniques to do this, but for some cases, it’s enough.

If you have form fields that allow HTML tags, you probably want to ignore (or at least filter) its content. Continue reading “Simple PHP XSS injection preventer”