How to do postback in html form when we use PHP ? The postback method should be free from XSS vulnerability. Thanks in advance...
Not sure what you want to do. You can output HTML from PHP in several ways: <?php echo <<<HTML <html> <head> <title>Web Page</title> </head> <body> Your web page </body> </html> HTML; ?> PHP: Or beak out of PHP: <?php // PHP here... ?> <html> <head> <title>Web Page</title> </head> <body> Your web page </body> </html> <?php // PHP here... ?> PHP:
This is not what i meant. I will explain it. I have a html form When we submit the form, it will validate values from server side. And if any validation errors are there, it will come back to the html form with values they filled. I know this method - <input type="text" name="txtName" value="<?php echo $_REQUEST['txtName']; ?>" /> but this method is having high XSS vulnerability risk. I am looking for another method if any........
And clean all user input before you even consider doing anything with it like showing it to the browsers