0

I've the following PHP code 

<html>

<head>
    <title>
        Test
    </title>
</head>

<body>
    <form name="test" action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" method="post">
        <input type="text" name="name">
        <br>
        <input type="submit" name="submit" value="Submit Form">
        <br>
    </form>

    <?php
      if(isset($_POST['submit']))
       {
        $name = $_POST['name'];
        echo "User Has submitted the form and entered this name : <b> $name </b>";
        echo "<br>You can use the following form again to enter a new name.";
       }
     ?>
</body>

</html>

that works fine and echos the text that the user writes in the input text box.

The code should also avoid the PHP_SELF exploits (I hope .. )

But if I try to refresh the web page in my Firefox browser an alert appears that tell me

To display this page, Firefox must send information that will repeat any action (such as a search or order confirmation) that was performed earlier.

any suggestion on how to avoid this?

Community
  • 1
  • 1
Cesare
  • 1,629
  • 9
  • 30
  • 72

1 Answers1

0
 if(isset($_POST['submit']))
    {
     $name = $_POST['name'];
     echo "User Has submitted the form and entered this name : <b> $name </b>";
     echo "<br>You can use the following form again to enter a new name.";
         echo ("<script>  window.location.href='http://YourPatch.com';</script>");


    }
pedram shabani
  • 1,654
  • 2
  • 20
  • 30