Hi,
Ok for example in my site, i send "internal mail" member 'email' other
users, and it is kept in a database.
But what about a user.
copy the form, and a while loop keeping to send e-mail to overload the
database,(put too much information),
this is why yahoo, or hotmail when you join they put a
what do you mean by overload?
you should never trust data coming in from a webform. for example, if you
are collecting a phone number and the data is in $phoneNumber..
do something like,
$phoneNumber =~ s/.*(\d{3}-\d{3}-\d{4}).*/
or
&handleError() if ( $phoneNumber !~ /^(\d{3}-\d{3}-\d{4})$/ );
Hi.
I have an idea, if someone creates an external program to overload my
database, How do i prevent that, if all the fields are correct?
Anthony
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
I have found CGI::FormBuilder a great way to do the validation for you.
First it ignores anything you didn't specifically ask for. Second, you can
easily validate using regexes. An additional benefit is that this module
provides client side (for legitimate users of your form), and server side
check
> should I use $ENV{HTTP_REFERER} to check wether a form was sent from my
> site.
> Because I don't want people to download my webpage, put a link to a form,
> and modify some of the forms so it can crash the script.(eventough i tried
> to protect from that).
Enough error handling in your script
On 6/26/03 at 10:48 AM, [EMAIL PROTECTED] (anthony) wrote:
> Hi,
>
> should I use $ENV{HTTP_REFERER} to check wether a form was sent from
> my site. Because I don't want people to download my webpage, put a
> link to a form, and modify some of the forms so it can crash the
> script.(eventough i t
Hi,
should I use $ENV{HTTP_REFERER} to check wether a form was sent from my
site.
Because I don't want people to download my webpage, put a link to a form,
and modify some of the forms so it can crash the script.(eventough i tried
to protect from that).
The best way i can think of for the moment i
