Welcome to WebmasterWorld Guest from 18.104.22.168 , register , free tools , login , search , subscribe , help , library , announcements , recent posts , open posts Pubcon Platinum Sponsor
Secure Form Security chrissim msg:4424010 7:37 am on Mar 2, 2012 (gmt 0) hi, Guys, i have a form page and output page below and im seeking what is the best method security to secure my form from all kind of threats out there.
<form action="welcome.php" method="post"> Name: <input type="text" name="fname" /> Age: <input type="text" name="age" /> <input type="submit" /> </form>
Welcome <?php echo $_POST["fname"]; ?>!<br /> You are <?php echo $_POST["age"]; ?> years old. Thanks
enigma1 msg:4424089 11:24 am on Mar 2, 2012 (gmt 0)
You validate the input posted before you echo it. For instance age is expected to be an integer between 12-90. fname should be a string so you could verify it contains alphabetic chars between certain length limits. It then depends what your PHP code does with the values posted.