| Secure Form Security
|
chrissim
msg:4424010 | 7:37 am on Mar 2, 2012 (gmt 0) |
hi,
Guys, i have a form page and output page below and im seeking what is the best method security to secure my form from all kind of threats out there.
<form action="welcome.php" method="post">
Name: <input type="text" name="fname" />
Age: <input type="text" name="age" />
<input type="submit" />
</form>
|
|
Welcome <?php echo $_POST["fname"]; ?>!<br />
You are <?php echo $_POST["age"]; ?> years old.
|
|
Thanks
|
enigma1
msg:4424089 | 11:24 am on Mar 2, 2012 (gmt 0) |
You validate the input posted before you echo it. For instance age is expected to be an integer between 12-90. fname should be a string so you could verify it contains alphabetic chars between certain length limits. It then depends what your PHP code does with the values posted.
|
|
|
