sicspoisunk
New Member
I am a newbie to PHP still, so excuse this question if it seems silly, but I was wondering if this is safe usage of \[code\]$_SERVER['PHP_SELF']\[/code\].From my reading about what's wrong with it (prone to injection), I was wondering if it safe to compare it.For example, I want the PHP/CSS stylesheet to change depending on the page the person is on, so in the PHP/CSS, it would have an \[code\]if\[/code\] statement checking \[code\]$_SERVER['PHP_SELF']\[/code\] to see if the page their visiting requires a different stylesheet.Example:\[code\]if ($_SERVER['PHP_SELF'] === $thisPage) { }\[/code\]Could malicious code affect me this way? Could I simply validate/cleanse it, then use it?