It works fine in IE because I can turn the variable object into text with a simple property, but in Firefox (using the serialize To String method), the object appears in my textarea tags and all. so when user clicks inside textarea then submit button appears and default text disappears and when user clicks somewhere else or outside textarea then it gets back to original state i.e, default text appears back and submit button disappears. in this code when i click inside textarea then submit button does appear but text does not erase and when i click outside then button remains in sight.This is just a simple and harmless example how the PHP_SELF variable can be exploited.Be aware of that any Java Script code can be added inside the - this would not be executed, because it would be saved as HTML escaped code, like this: <script>location.href(' The code is now safe to be displayed on a page or inside an e-mail. These pages will show how to process PHP forms with security in mind.
Proper validation of form data is important to protect your form from hackers and spammers!
i just want to know how am i gonna retrieve or obtain the equivalent keyascii code of the character pressed by the user and pass it on my function check so i can filter the characters that will only be accepted by the textbox. maybe this one will help: I want to make it possible that only valid characters will be displayed on the textbox whenever the user presses a key.