Results 1 to 4 of 4
Thread: Help about form security
Nov 25, 2013, 22:52 #1
- Join Date
- Oct 2010
- 0 Post(s)
- 0 Thread(s)
Help about form security
I have a form and some input field which i mentioned below. I have validate form field using jquery validation and also php validation. As there are some add ons in firefox and chrome browser that web development tools from which we can execute some task on any website form field. For example: If i make a field readonly then using "Make form fields writable" option of web development tools of firefox i can remove readonly property and type anything in that field. That's why i use preg_match() function to validate my required fields.
Also i have added captcha to prevent machine entries. But although i ensure php validation , now i am wondering to see that still i get vulnerable entries. How it possible? I s there any other way to prevent such type of entry i mentioned below? Please give me any idea if anyone have....
ID, Start Date, End Date, Last Name, First Name, Phone, Remarks
I declare in preg_match() function
ID must be numeric
Start date and end date with slash separator
Last Name and First Name must be character
Phone must be numeric
Remarks must be character but it does not support any special character
But this is strange i can see still anyone can post such type of data
Start Date: ???? ? Start Time: End Date: ???? ? End Time: Last Name: ???? ? First Name: ???? ? Phone: ???? ? Email: email@example.com Remarks: <a href=\"http://test.jp/\">MBT ???? ???</a> ?????? <a href=\"http://testjp/\" >???? ?</a> ???? ?
How is this possible? I need solution to prevent this type of entry
Last edited by ralph.m; Nov 25, 2013 at 22:56. Reason: fixed dodgy formatting and obfuscated URLs