SitePoint Sponsor

User Tag List

Results 1 to 2 of 2

Thread: secure forms

  1. #1
    SitePoint Enthusiast
    Join Date
    Jan 2002
    Posts
    31
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    secure forms

    how is the best way to protect forms that take customer comments from malicious code such as javascript? the option we have taken disallows certain characters -

    ; > * ~ \ . @ < % $ " #

    is this the best method or are there better options?

    sometimes a customer will complain at not being able to enter these characters.

  2. #2
    gingham dress, army boots... silver trophy redux's Avatar
    Join Date
    Apr 2002
    Location
    Salford / Manchester / UK
    Posts
    4,838
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    just make it clear in your input boxes that only alphanumeric charactes are allowed. if they do enter extra characters, just strip them out. don't reject the form entry, just do it. all this imho, of course...
    re·dux (adj.): brought back; returned. used postpositively
    [latin : re-, re- + dux, leader; see duke.]
    WaSP Accessibility Task Force Member
    splintered.co.uk | photographia.co.uk | redux.deviantart.com


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •