[thelist] PHP_SELF / Contact Form
DAVOUD TOHIDY
dtohidy at hotmail.com
Thu Jul 29 15:11:19 CDT 2010
> Date: Thu, 29 Jul 2010 21:39:37 +0200
> From: jens.brueckmann at gmail.com
> To: thelist at lists.evolt.org
> Subject: Re: [thelist] PHP_SELF / Contact Form
>
> > I did that but it just outputs the content of contact.php file without processing the form.
>
> Davoud, that is no wonder as the method you specify in your
> method-attribute is "get" while your processing script is waiting for
> POST-variables.
> Either change your script variables to $_GET['XXX'] or your method to "post"
Using action="<?php 'mypages/contact.php' ?>" method="post" >
I get this:
Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user '***'@'localhost' (using password: NO)
in /home/***/***/***/mypages/contact.php on line 27
and html source code it says action=" "
I have not set up any users and that I do not connect to the database within contact.php file
however i check for the sql injections like:
if(isset($_POST['btnshoot'])) {
$name = mysql_real_escape_string(htmlentities(strip_tags(stripslashes(trim($_POST['name'])))));// etc
using action="<?php $_GET['mypages/contact.php'] ?>" method="get" i get:
Not Found
The requested URL /***/<br /><b>Notice</b>:
Undefined index: mypages/contact.php in
<b>/home/***/***/***/mypages/contact.php</b> on
line <b>211</b><br /> was not found on this server.
More information about the thelist
mailing list