SitePoint Sponsor

User Tag List

Results 1 to 5 of 5
  1. #1
    SitePoint Member
    Join Date
    Apr 2007
    Posts
    2
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Email injection (again)

    I have read the key entries on this subject and, being a newbie, I have to say that I am rather confused. A lot of the replies assume a level of knowledge that I do not have. My flash form is very simple - it only has three fields, so the php script is equally basic. What I need to know is where to perform the validation - in the fla or on the server-side. The chunks of code in the replies in the forums should go in the script or in the fla? Presumably in the server-side script, but how do they get called? You can see that I am struggling. I am going to keep searching, but if anybody could point me to a noddy guide for validation with the appropriate scripts (and where they should go!) that would sure be appreciated.

    All the best

    Peter_02

  2. #2
    SitePoint Enthusiast
    Join Date
    Feb 2007
    Location
    Swindon, UK
    Posts
    50
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Whenever I write a form, I validate it both client side and server side.

    It is a good idea to validate forms client side, just with simple checks, eg all the required fields are filled in etc - just to improve the users experience - its better to be told straight away that a form needs to be filled in, rather than waiting for a form to process, and then being told.

    Server side is where the proper processing takes place however.

    I can't help you with flash validation, as I don't know flash at all, however, PHP validation I can!

    In a simple three field script, really all you need to do is check that:[*] All the fields are completed[*] The e-mail address is valid[*] Any other specific fields are valid (ages are just numbers etc.)

    Anyway, there is a tutorial on form validation at http://www.thesitewizard.com/archive/phptutorial2.shtml which coveres the basics, and another at http://www.onlamp.com/pub/a/php/2004...css_forms.html which covers quite alot - see if these makes any sense to you, and let us know if it does or doesn't, and we can give you some more help

  3. #3
    SitePoint Member
    Join Date
    Apr 2007
    Posts
    2
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I much appreciate your reply and I will have a look at those two sources and come back to you, if I may.

    Best

    Pete

  4. #4
    SitePoint Enthusiast
    Join Date
    Feb 2007
    Location
    Swindon, UK
    Posts
    50
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thats fine - see what you come up with and get back to me I might be off soon, so if I am before you reply, I'll look at it in the morning

  5. #5
    SitePoint Wizard cranial-bore's Avatar
    Join Date
    Jan 2002
    Location
    Australia
    Posts
    2,634
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    If you don't want to get into the nitty gritty of validating the input against injection have a look as this as_mail function. You just call as_mail instead of PHP's native mail() function and you should be protected (haven't used it personally though).


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •