[thelist] Form Security
DAVOUD TOHIDY
dtohidy at hotmail.com
Thu Jul 15 15:19:00 CDT 2010
Hi there,
I am working on my employer's site. I have a search engine and Contact form. I have taken all the steps that I am aware of to tighten the security such as using :
$name = mysql_real_escape_string(strip_tags(stripslashes(htmlentities(trim($_POST['name'])))));
I am planning to log the user in on the fly to the database without letting the user know while providing the user with a user type with "USER" priviliges.
Does this make any sense at all in terms of increasing the security of input by the user in search field and or in contact form fields?
Unfortunately I will not be able to provide you with more source code.
Thanks
davoud
_________________________________________________________________
Game on: Challenge friends to great games on Messenger
http://go.microsoft.com/?linkid=9734387
More information about the thelist
mailing list