  1. #1
    SitePoint Enthusiast
    Join Date
    Oct 2010

    Question Help about form security


    I have a form with some input fields, which I mention below. I have validated the form fields using jQuery validation and also PHP validation. There are some add-ons for the Firefox and Chrome browsers, web development tools, with which we can carry out tasks on any website's form fields. For example: if I make a field readonly, then using the "Make form fields writable" option of the web development tools for Firefox I can remove the readonly property and type anything in that field. That's why I use the preg_match() function to validate my required fields.

    I have also added a captcha to prevent machine entries. But although I ensure PHP validation, I am now surprised to see that I still get vulnerable entries. How is this possible? Is there any other way to prevent the type of entry I mention below? Please give me any ideas if anyone has any.

    Form field:

    ID, Start Date, End Date, Last Name, First Name, Phone, Remarks

    I declare in the preg_match() function:

    ID must be numeric
    Start date and end date with slash separator
    Last Name and First Name must be characters
    Phone must be numeric
    Remarks must be characters, but it does not support any special characters

    But this is strange: I can see that anyone can still post this type of data

    Start Date: ???? ?
    Start Time:
    End Date: ???? ?
    End Time:
    Last Name: ???? ?
    First Name: ???? ?
    Phone: ???? ?
    Remarks: <a href=\"\">MBT ???? ???</a> ?????? <a href=\"http://testjp/\" >???? ?</a> ???? ?

    How is this possible? I need a solution to prevent this type of entry.

    Last edited by ralph.m; Nov 25, 2013 at 22:56. Reason: fixed dodgy formatting and obfuscated URLs
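
An added example, not part of the original post and not the poster's code: one way to express the field rules listed above as whole-value (anchored) server-side `preg_match()` checks, next to an unanchored pattern for comparison. The field names, the YYYY/MM/DD date format, the ASCII-only name rule and the length limits are assumptions, since the post gives the rules only in words.

```php
<?php
declare(strict_types=1);

// Assumed field names, date format (YYYY/MM/DD) and length limits; the post gives the rules only in words.
// \A and \z anchor the whole value, so a value that merely contains a valid substring is rejected.
const RULES = [
    'id'         => '/\A[0-9]{1,10}\z/',
    'start_date' => '/\A[0-9]{4}\/[0-9]{2}\/[0-9]{2}\z/',
    'end_date'   => '/\A[0-9]{4}\/[0-9]{2}\/[0-9]{2}\z/',
    'last_name'  => '/\A[A-Za-z]{1,50}\z/',
    'first_name' => '/\A[A-Za-z]{1,50}\z/',
    'phone'      => '/\A[0-9]{6,15}\z/',
    'remarks'    => '/\A[A-Za-z0-9 ]{0,500}\z/',
];

/** Returns the names of fields that are missing, not strings, or fail their rule. */
function invalidFields(array $input): array
{
    $bad = [];
    foreach (RULES as $field => $pattern) {
        $value = $input[$field] ?? null;
        // Reject non-strings (e.g. phone[]=x arrives as an array) before calling preg_match().
        if (!is_string($value) || preg_match($pattern, $value) !== 1) {
            $bad[] = $field;
        } elseif (substr($field, -5) === '_date') {
            // The pattern only checks the shape; checkdate() rejects e.g. 2013/02/31.
            [$y, $m, $d] = array_map('intval', explode('/', $value));
            if (!checkdate($m, $d, $y)) {
                $bad[] = $field;
            }
        }
    }
    return $bad;
}

// Constructed sample modelled on the entry quoted in the post.
$sample = [
    'id'         => '42',
    'start_date' => '2013/11/25',
    'end_date'   => '2013/02/31',
    'last_name'  => 'Smith',
    'first_name' => '<b>Ann</b>',
    'phone'      => ['0312345678'],
    'remarks'    => '<a href="http://testjp/">link</a> 123',
];

// Unanchored pattern for comparison: it matches because the value contains a digit somewhere.
var_dump(preg_match('/[0-9]+/', $sample['remarks']));
print_r(invalidFields($sample));
```

Input validation does not replace escaping on output: passing stored values through `htmlspecialchars()` when displaying them keeps markup like the sample's from rendering as HTML.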
