i am new to php. i have designed a form in html and its php part in different file.now i want to connect the file with each other. i have tried using
<form action="file.php" method="post">
but connecting in this way is not secured and i cannot connect using
<form method="post" action="<?php echo $_SERVER["PHP_SELF"];?>">
as this will work only if the php codes and html codes are written in same file. please help me.
if i use
and if someone enters this url as
http://www.variable.com/file.php/%22%3E%3Cscript%3Ealert('hacked')%3C/script%3E
then it will show alert box telling it is hacked.