Ford, Mike wrote:
How about something like:
<a href="<?php echo $_SERVER['PHP_SELF'] ?>?session_switch=<?php $_GET['session_switch']?0:1
?>">switch</a>
Beware that PHP_SELF is injectable like several other $_SERVER
variables, so you must at least encode it to prevent XSS attacks.
Eg. http://example.com/foo.php/";></a><script>alert('xss here');</script
Passing it through htmlspecialchars() will encode it safely, but in this
case you can just omit it.
href="?foo=bar" is perfectly valid and works fine.
Arpad
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
