Security Help


Ive created a new form on a website with all the php used to validate the form and email the form is located inside the <body></body> tags.

Im just wondering if there is a bigger security risk having my php code in the body as it contains emails ect… as opposed to above the doctype?

No, if the server parses the page as php it will never be visible, and if not, it will be visible no matter where you put it.

But, don’t do that :slight_smile: Keep all of that logic separate from the html (view/template) part of your page; even just moving it all to the top of the file is a start.