[thelist] Form Security

DAVOUD TOHIDY dtohidy at hotmail.com
Thu Jul 15 15:19:00 CDT 2010

Hi there,

I am working on my employer's site. I have a search engine and Contact form. I have taken all the steps that I am aware of to tighten the security such as using :

$name = mysql_real_escape_string(strip_tags(stripslashes(htmlentities(trim($_POST['name'])))));

I am planning to log the user in on the fly to the database without letting the user know while providing the user with a user type with "USER" priviliges.

Does this make any sense at all in terms of increasing the security of input by the user in search field and or in contact form fields?

Unfortunately I will not be able to provide you with more source code.


Game on: Challenge friends to great games on Messenger

More information about the thelist mailing list