
Form security

I have a PHP form thing where what people enter is printed on the next page, but I’m worried about them entering malicious PHP code in the form, which could be dangerous, right? Any idea how I’d prevent PHP being entered/injected?

PHP

4 Comments

@pointfiftyae, Sep 18.2005 — I don't think the PHP code people could enter will be processed.
@pyro, Sep 18.2005 — pointfiftyae is correct; unless you run the code through the eval function, it won't get parsed. You might want to watch out for JavaScript or SQL injection, depending on your circumstances, though.
@N00blet (author), Sep 18.2005 — Yeah, you're right. Thanks and sorry, I only checked HTML and not PHP. And under what circumstances could JavaScript and SQL injections be dangerous?
@Zarel, Sep 18.2005 — Well, SQL injections only work if you SQL query the text, which you shouldn't be doing.

A JavaScript injection will only affect the person who actually types the JavaScript in, so you won't be affected.
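
The two cases raised in the thread (script in form input that is printed back, and form input reaching an SQL query), as an added example that is not part of any post above: the submitted value is HTML-encoded at output and reaches the database only as a bound parameter. The `comments` table, the `comment` field name and the sample inputs are constructed, and the in-memory SQLite database assumes the pdo_sqlite extension is available.

```php
<?php
// Added example, not code from the thread. Table, field name and sample
// inputs are constructed for illustration.
declare(strict_types=1);

// Encode a submitted value for an HTML text context before printing it,
// so markup in the input is displayed as text instead of being interpreted.
function render_comment(string $raw): string
{
    $safe = htmlspecialchars($raw, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<p class="comment">' . $safe . '</p>';
}

// Store and look up the value with bound parameters; the input is never
// concatenated into the SQL text.
function save_and_find(PDO $db, string $raw): array
{
    $ins = $db->prepare('INSERT INTO comments (body) VALUES (:body)');
    $ins->execute([':body' => $raw]);

    $sel = $db->prepare('SELECT body FROM comments WHERE body = :body');
    $sel->execute([':body' => $raw]);
    return $sel->fetchAll(PDO::FETCH_COLUMN);
}

$db = new PDO('sqlite::memory:'); // assumption: pdo_sqlite is available
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, body TEXT NOT NULL)');

// Constructed inputs standing in for $_POST['comment'].
$samples = [
    'Hello, world',
    '<?php echo "hi"; ?>',
    '<script>alert(1)</script>',
    "x'); DROP TABLE comments; --",
];

foreach ($samples as $raw) {
    $rows = save_and_find($db, $raw);
    echo render_comment($rows[0]), PHP_EOL;
}

// Count the stored rows to confirm every input was saved as plain data.
$count = (int) $db->query('SELECT COUNT(*) FROM comments')->fetchColumn();
echo $count, ' rows stored', PHP_EOL;
```

Encoding at output matters whenever the printed value can be shown to someone other than the person who submitted it, for example from a stored comment or a link that carries the form data.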