I have a contact form on my website that asks the user for their name, email address and their comments.
One of the checks I did was to make sure names only contained A-Za-z characters.
Eventually I would like to make my content accessible to more people, including markets with different languages, such as Chinese, Japanese or Arabic.
I would like to screen data fields people are putting into my website for validity checks and for security reasons, but I'm seeing this as impossible considering internationalization considerations.
What are reasonable safeguards and validity checks I can impose on these variables?
Right now I'm considering letting everything slide (except for a rigid check on email addresses), and automatically adding a backward slash in front of questionable characters like other backward slashes, single and double quotes.
Is this reasonable? Should I be doing less, or more?
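
As an added illustration (not part of the original question), the Python sketch below contrasts the A-Za-z check with a check based on Unicode character categories, and encodes the name when it is written into HTML instead of adding backslashes on input. The punctuation allow-list, the length limit, the function names and the sample names are assumptions constructed for this example.

```python
import html
import re
import unicodedata

ASCII_ONLY = re.compile(r"[A-Za-z]+")   # the check described in the question
EXTRA_NAME_CHARS = set(" '-.\u2019")    # assumed allow-list of name punctuation
MAX_NAME_LEN = 100                      # assumed length limit

def ascii_only_ok(name: str) -> bool:
    """The original rule: only unaccented Latin letters pass."""
    return ASCII_ONLY.fullmatch(name) is not None

def validate_name(raw: str) -> str:
    """Return the NFC-normalized name, or raise ValueError."""
    name = unicodedata.normalize("NFC", raw).strip()
    if not name or len(name) > MAX_NAME_LEN:
        raise ValueError("name is empty or too long")
    for ch in name:
        cat = unicodedata.category(ch)
        # L* = letters in any script, M* = combining marks (accents, vowel signs)
        if cat[0] in ("L", "M") or ch in EXTRA_NAME_CHARS:
            continue
        # Everything else (controls, symbols such as '<', digits) is refused.
        raise ValueError(f"disallowed character U+{ord(ch):04X} ({cat})")
    return name

def render_name(name: str) -> str:
    """Store the name unmodified; encode it for the HTML context on output."""
    return "<td>" + html.escape(name, quote=True) + "</td>"

# Constructed sample input, not real form submissions.
SAMPLES = ["Alice", "O'Brien", "王小明", "محمد علي", "José",
           "Bob<script>", "Ev\x00e"]

def classify(samples):
    """Map each sample to (passes ASCII-only rule, passes Unicode rule)."""
    results = {}
    for s in samples:
        try:
            validate_name(s)
            unicode_ok = True
        except ValueError:
            unicode_ok = False
        results[s] = (ascii_only_ok(s), unicode_ok)
    return results

if __name__ == "__main__":
    for sample, (old, new) in classify(SAMPLES).items():
        print(f"{sample!r:16} ascii_only={old!s:5} unicode_rule={new}")
```
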