vicodin Posted March 10, 2008 Share Posted March 10, 2008 If i do a preg statment that only allows A-Z,a-z,0-9 will that stop all injections and ssx atacks?? Quote Link to comment Share on other sites More sharing options...
unsider Posted March 10, 2008 Share Posted March 10, 2008 Yes, or even take it a step further to not allow <>,!, @, #, etc... But yes, that type of validation works just fine. For the most minimal of form security. Quote Link to comment Share on other sites More sharing options...
vicodin Posted March 10, 2008 Author Share Posted March 10, 2008 Now by minimal what else to you think should be in there? Quote Link to comment Share on other sites More sharing options...
unsider Posted March 10, 2008 Share Posted March 10, 2008 Spoofed HTTP Requests Cross Site Scripting Google search some form security/overall security topics to find them all. You are simply protecting the user from input strange characters, or potientally harmful characters. Quote Link to comment Share on other sites More sharing options...
vicodin Posted March 10, 2008 Author Share Posted March 10, 2008 Thanks for the tips! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.