What are the potential security risks of using meta refresh in PHP?

Using meta refresh in PHP can pose security risks such as open redirect vulnerabilities, where an attacker can manipulate the redirect URL to redirect users to malicious websites. To mitigate this risk, it is recommended to validate and sanitize user input before using it in the meta refresh tag.

// Validate and sanitize the redirect URL before using it in the meta refresh tag
$redirectUrl = filter_var($_GET['redirect'], FILTER_SANITIZE_URL);
echo "<meta http-equiv='refresh' content='0;url=$redirectUrl'>";