What are the potential pitfalls of displaying old values in form fields and how can they be avoided in PHP?
Displaying old values in form fields can potentially lead to security risks such as displaying sensitive information to unauthorized users or inadvertently exposing user data. To avoid this, it is recommended to clear the form fields after submission or only display the old values when necessary for user experience purposes.
<?php
// Check if form is submitted
if ($_SERVER["REQUEST_METHOD"] == "POST") {
// Process form data
// Clear form fields after submission
$_POST = array();
}
?>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>">
<input type="text" name="username" value="<?php echo isset($_POST['username']) ? htmlspecialchars($_POST['username']) : ''; ?>">
<input type="password" name="password" value="">
<button type="submit">Submit</button>
</form>