[thelist] Form Security

DAVOUD TOHIDY dtohidy at hotmail.com
Tue Jul 20 10:01:25 CDT 2010

> Date: Tue, 20 Jul 2010 09:49:54 -0500
> From: codeacula at codeacula.com

>if the customer wishes to put their first name as
>"<script>Bob</script>" that is just fine, because it doesn't get put
> into our system until that credit card says we're getting the money.

As I mentioned I value your thoughts and I will think about it for a later time when I really am a GEEEEK :) in PHP. However What if the credit card is a stolen one? Do you still let the "<script>Bob</script>" go into your database?

Game on: Challenge friends to great games on Messenger

More information about the thelist mailing list