[thelist] PHP_SELF / Contact Form

Ken Robinson kenrbnsn at rbnsn.com
Mon Aug 2 16:44:52 CDT 2010

At 05:38 PM 8/2/2010, DAVOUD TOHIDY wrote (in part):

>However I have got a quick question. In order to maintain the user 
>data in the form fields I am using the php short tags for instance <?=$name?>
>As I was reading an article suggesting that short tags have security 
>issues and that it is not a good idea to use them. unfortunately I 
>do not remember the article url.
>I did try <?php $name ?> however it did not work. the question is 
>why it does not work? Am I mistaking somewhere and it should work?

The <?= tag is shorthand for <?php echo, so you need to replace 
<?=$name?> with <?php echo $name ?>.

The reason the short tag is a security risk is that if you move your 
code to a server that has short tags turned off or your host turns 
them off, there is a real risk that your code will be shown.

Ken Robinson

More information about the thelist mailing list