...

View Full Version : form security



chris_s_22
11-05-2009, 11:17 AM
everyone or every tutorial i read seem to use this to check a form


if(!isset($_POST[submit]))


my problem is that this only checks that the data being recieved came from a POST variable named 'submit'

From my experiences i have come not to trust user input
What is to stop a person creating a form on there computer and directing it to my page?

Am i led to believe this is suffient as long as i check each input feild to only alow data type/characters of what i want to alow
meaning it doesnt matter if the form did come from a outside source as long as it meets my criteria

Fumigator
11-05-2009, 04:47 PM
Am i led to believe this is suffient as long as i check each input feild to only alow data type/characters of what i want to alow
meaning it doesnt matter if the form did come from a outside source as long as it meets my criteria

That's correct.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum