Question : Forms and Unicode (utf-8) Characters

Greetings Experts!

I have developed a basic form, that the user fills out the details and once submited creates a SVG file with the basic shape inwhich the user has seleted. I was wondering how i can make my form more secure? In terms of if somebody was to post an HTML injection how my form would not accept it and how i can make my form accept Unicode (utf-8) Characters... So if i user was to type Unicode in it would accept it rather than just text. I have attched my code so far, any advice would be awesome.

1: 2: 3: 4: 5: 6: 7: 8: 9: 10: 11: 12: 13: 14: 15: 16: 17: 18: 19: 20: 21: 22: 23: 24: 25: 26: 27: 28: 29: 30: 31: 32: 33: 34: 35: 36: 37: 38: 39: 40: 41: 42: 43: 44: 45: 46: 47: 48: 49: 50: 51: 52: 53: 54: 55: 56: 57: 58: 59: 60: 61: 62: 63: 64: 65: 66: 67: 68: 69: 70: 71: 72: 73: 74: 75: 76: 77: 78: 79: 80: 81: 82: 83: 84: 85: 86: 87: 88: 89: 90: 91: 92: 93: 94: 95: 96: 97: 98: 99: 100: 101: 102: 103: 104: 105: 106: 107: 108: 109: 110: 111: 112: 113: 114: 115: 116: 117: 118: 119: 120: 121: 122: 123: 124: 125: 126: 127: 128: 129: 130: 131: 132: 133: 134:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html lang="en-US" xml:lang="en-US" xmlns="http://www.w3.org/1999/xhtml"> <head> <title>SVG Logo Creator - By Alan Smith</title> <link rel="stylesheet" type="text/css" href="style.css" /> <body> <table border="0" class="maintable" cellpadding="3px" cellspacing="3px"> <tr> <td width="40%"> <!-- Main Form --> <form style="margin:0px" action="test.php" method="get" target="view"> <br /><br /> <!-- Circle --> <strong>Circle:</strong><br /> Which colour Would You Like? <?php $arr =array("Red", "Blue", "Green", "Yellow", "Black", "White", "Pink", "Grey", "Orange", "Purple", "Brown"); echo "<select name='colour'>"; foreach($arr as $option){ echo "<option value='{$option}'>{$option}</option>"; } echo "</select>"; ?><br /> The x-axis center of the circle? <input type="text" name="cx" /><br /> The y-axis center of the circle? <input type="text" name="cy" /><br /> The circle's radius? <input type="text" name="r" /><br /><br /> <!-- Rectangle --> <strong>Rectangle:</strong><br /> Which colour Would You Like? <?php $arr =array("Red", "Blue", "Green", "Yellow", "Black", "White", "Pink", "Grey", "Orange", "Purple", "Brown"); echo "<select name='reccolour'>"; foreach($arr as $option){ echo "<option value='{$option}'>{$option}</option>"; } echo "</select>"; ?><br /> The x-axis center of the rectangle? <input type="text" name="recx" /><br /> The y-axis center of the rectangle? <input type="text" name="recy" /><br /> The width of the rectangle? <input type="text" name="recwidth" /><br /> The height of the rectangle? <input type="text" name="recheight" /><br /><br /> <!-- Line --> <strong>Basic Line:</strong><br /> Which colour Would You Like? <?php $arr =array("Red", "Blue", "Green", "Yellow", "Black", "White", "Pink", "Grey", "Orange", "Purple", "Brown"); echo "<select name='linecolour'>"; foreach($arr as $option){ echo "<option value='{$option}'>{$option}</option>"; } echo "</select>"; ?><br /> The start point x1 of the line? <input type="text" name="x1" /><br /> The start point y1 the line? <input type="text" name="y1" /><br /> The end point x1 of the line? <input type="text" name="x2" /><br /> The end point y1 the line? <input type="text" name="y2" /><br /> <br /> <!-- Text --> <strong>Text:</strong><br /> Which colour Would You Like? <?php $arr =array("Red", "Blue", "Green", "Yellow", "Black", "White", "Pink", "Grey", "Orange", "Purple", "Brown"); echo "<select name='tfill'>"; foreach($arr as $option){ echo "<option value='{$option}'>{$option}</option>"; } echo "</select>"; ?><br /> Which font would you like your text to be? <?php $arr =array("Arial", "Arial Black", "Courier New", "Impact", "Comic Sans MS", "Courier New", "Tahoma", "Verdana", "Times New Roman", "MS Sans Serif", "New York"); echo "<select name='tfont'>"; foreach($arr as $option){ echo "<option value='{$option}'>{$option}</option>"; } echo "</select>"; ?><br /> Which text would you like to include? <input type="text" name="inputtext" /><br /> The x-axis center of the text? <input type="text" name="tx" /><br /> The y-axis center of the text? <input type="text" name="ty" /><br /> What size would you like your text? <?php $arr =array("10", "11", "12", "13", "14", "15", "16", "17", "18", "19", "20", "21", "22", "23", "24", "25", "26", "27", "28", "29", "30", "31", "32", "33", "34", "35", "36", "37", "38", "39", "40", "41", "42", "43", "44", "45", "46", "47", "48", "49", "50", "51", "52", "53", "54", "55", "56", "57", "58", "59", "60", "61", "62", "63", "64", "65", "66", "67", "68", "69", "70", "71", "72", "73", "74", "75", "76", "77", "78", "79", "80", "81", "82", "83", "84", "85", "86", "87", "88", "89", "90", "91", "92", "93", "94", "95", "96", "97", "98", "99", "100"); echo "<select name='tsize'>"; foreach($arr as $option){ echo "<option value='{$option}'>{$option}</option>"; } echo "</select>"; ?> <br /> <br /> <input type="submit" value="Submit" onclick="displayad()"> <input type="reset" value="Reset" /> </form> </td> <!-- Right Side Column --> <td valign="top"> <p class="result_header"> <br /><br /> <br /><br /> <p><strong>AVG Logo Creator:</strong><br /></p> <FONT COLOR="#FF0000">WARNING!</FONT> - Please read the tutorial before trying to make a logo!!!<br /> <p><strong>Your Logo will be displayed below:</strong><br /></p> <!-- Frame with SVG Result --> <iframe class="result_output" width="70%" height="400px" frameborder="0" name="view" src="test.php?filename=trycss_default"></iframe><br /> </td> </tr> <tr> </tr> </table> </body> </html>

Answer : Forms and Unicode (utf-8) Characters

Try embedding the main swf that calls the other swf into an html page.