
Building a secure contact form

I'm building a contact form (PHP file, design has already been made) which will communicate with the PHP via AJAX. I need to secure the contact form to deny any spam; for the client side, I'll be using reCAPTCHA for the validation on the client side... But how can I secure the script from being tampered with or sending arbitrary code?

I mean, if the spammer/hacker uses the form and submits PHP code that could affect the server, how can I prevent this from happening?

The text that has been entered in your contact form should never be executed, only passed along in an e-mail message. So, whatever a hacker would submit, the worst it should be able to do is show up in the mailbox behind the form.

It's also always a good idea to use htmlentities on the content sent from your contact form, so if any HTML characters are used, they can't do any harm.
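
A handler along the lines the answer describes, as an added example that is not part of the original answer: submitted text is only validated, encoded with htmlentities and handed to mail(), never executed. The addresses, field names and the build_contact_mail() helper are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical addresses for this example; replace with your own.
const CONTACT_TO   = 'owner@example.com';
const CONTACT_FROM = 'webform@example.com';

/**
 * Turn raw POST fields into arguments for mail(). Input is only ever
 * treated as text: it is never passed to eval(), include or a shell.
 */
function build_contact_mail(array $post): array
{
    $name    = trim((string)($post['name'] ?? ''));
    $email   = trim((string)($post['email'] ?? ''));
    $message = trim((string)($post['message'] ?? ''));

    // Keep the name on a single line.
    $name = (string)preg_replace('/[\r\n]+/', ' ', $name);

    // FILTER_VALIDATE_EMAIL rejects addresses containing line breaks,
    // so the value is safe to place in the Reply-To header.
    if ($name === '' || $message === '' ||
        filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        throw new InvalidArgumentException('Invalid contact form input');
    }

    // Encode HTML metacharacters so markup arrives as visible text.
    $enc  = fn(string $s): string => htmlentities($s, ENT_QUOTES, 'UTF-8');
    $body = '<p>From: ' . $enc($name) . ' &lt;' . $enc($email) . '&gt;</p>'
          . '<p>' . nl2br($enc($message)) . '</p>';

    $headers = [
        'From'         => CONTACT_FROM,   // fixed, not user-controlled
        'Reply-To'     => $email,
        'Content-Type' => 'text/html; charset=UTF-8',
    ];
    return [CONTACT_TO, 'Contact form message', $body, $headers];
}

// Constructed sample submission containing PHP and HTML markup.
$sample = [
    'name'    => "Sample\r\nUser",
    'email'   => 'visitor@example.net',
    'message' => "<?php echo 'hi'; ?>\n<b>bold</b>",
];
[$to, $subject, $body, $headers] = build_contact_mail($sample);
echo $body, PHP_EOL;   // the markup is shown encoded; nothing is executed
// In the real handler: mail($to, $subject, $body, $headers);
```

reCAPTCHA tokens should also be verified in the PHP handler before this function runs, since a client-side check alone can be skipped by posting to the script directly.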
