The PHP_SELF variable is used to get the name and path of the current file but it can be used by the hackers too. If PHP_SELF is used in your page then a user can enter a slash (/) and then some Cross Site Scripting (XSS) commands to execute.

See below for an example:

<form name="test" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">

Now, if a user has entered the normal URL in the address bar like “http://www.yourdomain.com/form-action.php”, the above code will be translated as:

<form name="test" action="form-action.php" method="post">

This is the normal case. Continue Reading »

• $_SERVER is an array defined in PHP and it stores information about your server and execution environment information.
• $_SERVER['PHP_SELF'] variable:

This array element points out the filename of the currently executing script. For example, if you run www.cyberciti.biz/index.php, $_SERVER['PHP_SELF'] would be /index.php. This is relative to the document root. This is useful to referring HTML forms and other element.

What is PHP_SELF variable?

 http://www.yourserver.com/form-action.php

 "/form-action.php"

 http://www.yourserver.com/dir1/form-action.php

 "/dir1/form-action.php"

Several time we need to add google search box in our site or client site. But how can we add this. Just I will provide you some HTML code, copy this code and paste on your desire place. Ok lets go to copy this code. Just follow the bellow code

<form method="get" action="http://www.google.com/search">

<input type="text"   name="q" size="31" maxlength="255" value="" />

<input type="submit" value="SearchSite" />

</form>

Those who are newcomer in cakephp platform. He is important feel about it user guide or manual. So, For the better performance of the newcomer add here some user guide and manual. Please download  the user guide. CakePHP manual