Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2

Thread: form security

  1. #1
    New Coder
    Join Date
    Jan 2009
    Posts
    80
    Thanks
    1
    Thanked 0 Times in 0 Posts

    form security

    everyone or every tutorial i read seem to use this to check a form
    Code:
    if(!isset($_POST[submit]))
    my problem is that this only checks that the data being recieved came from a POST variable named 'submit'

    From my experiences i have come not to trust user input
    What is to stop a person creating a form on there computer and directing it to my page?

    Am i led to believe this is suffient as long as i check each input feild to only alow data type/characters of what i want to alow
    meaning it doesnt matter if the form did come from a outside source as long as it meets my criteria

  • #2
    UE Antagonizer Fumigator's Avatar
    Join Date
    Dec 2005
    Location
    Utah, USA, Northwestern hemisphere, Earth, Solar System, Milky Way Galaxy, Alpha Quadrant
    Posts
    7,691
    Thanks
    42
    Thanked 637 Times in 625 Posts
    Am i led to believe this is suffient as long as i check each input feild to only alow data type/characters of what i want to alow
    meaning it doesnt matter if the form did come from a outside source as long as it meets my criteria
    That's correct.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •