Javascript seemed to eliminate injections.

Forum Moderators: phranque

Message Too Old, No Replies

Javascript seemed to eliminate injections.

Injection halted after inserting simple validation code?

bartainer

8:17 pm on Sep 11, 2005 (gmt 0)

Hello,

I was looking for a more complex solution to this problem, however. I have found out that by inserting simple javascript validation, the injections have halted. And I mean stopped right away! My validation requires numerals for zip code and phone numbers. I hope it continues to work.

txbakers

8:36 pm on Sep 11, 2005 (gmt 0)

But remember, people can diable javascript very easily and still inject you.

SO, take the time and do it server side as well.

bartainer

9:24 pm on Sep 11, 2005 (gmt 0)

Is this a server problem, or is there a problem that exist within my form? Emails are not coded in the form! Furthermore, I use a php mailer. Also, is there an easier solution to this annoying problem. I mean what moron has enough time on his hands to obstruct and create havoc.

txbakers

10:57 pm on Sep 11, 2005 (gmt 0)

when a form gets submitted, you can validate it once with javascript before it leaves the client.

Then, you should validate it again when it hits the server. If you are using a pre-written script there should be something in there for it already.