473,326 Members | 2,102 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,326 software developers and data experts.

Ways to validate input from user?

mikek12004
200 100+
Lately very interested in securing my PHP scripts. A question how can you secure that the data send to a PHP script come from your PHP form and not from a form somebody else created? Is there a way to get the domain in which the form is uploaded so to check that it is in my domain or something like that?
Mar 3 '09 #1
3 1233
Atli
5,058 Expert 4TB
Not really no.

Your <form> has actually nothing to do with PHP. It's purely HTML, instructing the client's browser what sort of data your PHP code expects to receive.

Whether the browser is ultimately responsible for sending the request, or if the request is created by some other means, you can't really know.
Requests created by a browser can easily be duplicated and manipulated.

The best thing to do is just make sure that the data you are receiving is valid; making sure numbers are numbers, emails are emails, links are links, and so forth.

The Variable handling Functions and Regular Expressions are very helpful there.
Mar 3 '09 #2
Markus
6,050 Expert 4TB
Adding to Atli's post: there's no real advantage to securing where the data comes from. You should just be safe knowing that you're back-end processing of the data is keeping anything malicious out. That is, I assume you are sanatising it? ;)

Oh, I could've sworn that bottom section wasn't there when I went to post my answer! LOL! I'm losing it.
Mar 3 '09 #3
Atli
5,058 Expert 4TB
@Markus
It wasn't. Posted half a thought before I realized the other half was missing.
We must have noticed that at the same time :]
Mar 5 '09 #4

Sign in to post your reply or Sign up for a free account.

Similar topics

1
by: mats | last post by:
Hell My problem is that I do not know how to validate input that I let the user type into my datagrid In one grid I let the user to type in a value into a template column - how do I make sure...
4
by: Wysiwyg | last post by:
I need to validate a form to ensure that all of the fields add up correctly. I can't do this while the user is entering data since validation needs to be done after the entry is completed. What's...
5
by: sjl | last post by:
I've got an .aspx webform for searching my database. It basically takes user input and passes it as a parm into a stored proc to search a table. The results are returned in a SQLDataReader and...
0
by: Marina | last post by:
Let's say a user control has a bunch of textboxes. At some point the user control calls Validate to make sure all input is processed. The Validating event is fired, and if the input was invalid,...
4
by: Mike Fellows | last post by:
running IIS on a single server, hosting pages on an intranet basis, one single user out of 50 is having an unable to validate data issue how do i fix this (the microsoft KB is a little...
6
by: Solje | last post by:
Im developing an ASP.NET application used for maintinance purpose and it may be idle for some ours. The application crash with the error shown below when the user click on some contol in the...
5
nathj
by: nathj | last post by:
Hi, I have been looking around the forum and the web for a way to achieve this and so far I have drawn a blank. So I head to the forum as I'm sure someone knows how to do this. I have a form...
3
by: Max2006 | last post by:
Hi, I have a user control that has a property named "Text" Is there any way that I use a RequiredFieldValidator or CompareValidator to validate my user control's value? I tried it and I...
1
by: SkipNRun | last post by:
I am a novice when comes to JavaScript, AJAX. I am working on a form, which will allow users to update their contact information. In order to make the form flexible, I need to use pull down list. ...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.