PHP Security - $_POST - Injection<?if ($_POST['submit']=="1"){ $input =

1. PHP Security - $_POST - Injection
2. <?
3. if ($_POST['submit']=="1"){
4.  
5. $input = $_POST['input'];
6. echo "echo the input: ".$input."<br/>";
7. }
8. ?>
9. <form action="<? $PHP_SELF;?>" method="POST">
10. <input type="text" name="input" value="<? echo $_POST['input'];?>"/>
11. <input type="hidden" name="submit" value="1"/>
12. <input type="submit" value="submit"/>
13. </form>
14.  
15. ";unset('index.php');