my problem <?php echo htmlspecialchars($_server["php_self"]);?> when run script <form class="form" method="post" action="contact"> works well, using htaccess file hide extension , script not work if use <form class="form" method="post" action="<?php echo htmlspecialchars($_server["php_self"]);?>"> , , in local server have removed htaccess file there no extension hiding , script good. searching solution because want stay away hackers.
use $_server["request_uri"] instead of $_server["php_self"].
$_server["request_uri"] returns path (and query string) of request url.
$_server["php_self"] returns path of current php script relative document root. won't work if rewriting urls of scripts.
Comments
Post a Comment