Re: Validate Radio Buttons? [message #182371 is a reply to message #182369] |
Wed, 31 July 2013 19:07 |
Jerry Stuckle
Messages: 2598 Registered: September 2010
Karma:
|
Senior Member |
|
|
On 7/31/2013 2:20 PM, Twayne wrote:
> Hi all,
>
> I was wondering what the general consensus might be on this:
>
> Should one Validate Radio Buttons for an online website contact form?
>
> I've always thought they needed nothing but validation to see if they'd
> been used or not before accepting them, and sending the user back to the
> website Home Page.
> I've used Referrer to check the pages the visitor came from, gotten
> his IP or proxy identifier IP and used Control Cache and Pragma plus
> $referrer to check that the visitor arrived from the website and nowhere
> else, to try to be sure you can't go back to any previous page and find
> the data still in tact; sessions are always destroyed when any error
> shows up. A counter tells me how many attempts were made from the same
> IP or Proxy and after 3 attempts the visitor is banned for a few hours.
> Two sets of 3 failed attempts will ge him banned permanently.
>
> BUT, does any of that negate the need to Validate a Radio Button Click?
> http://phpmaster.com/form-validation-with-php/ seems to think so, but
> the code they suggest isn't exactly simple and it takes a lot of code.
>
> I'm willing to be called wrong; no problem at all.
>
> So, what do YOU think?
>
> TIA & Regards,
>
> Twayne`
Good practice means you ALWAYS validate ALL information from the user.
You may have a radio button on your form - but there is no guarantee the
request comes on from your form.
I can easily build a page which has invalid information and submit it to
your site. Or even use tools like cURL to feed your site invalid
information.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|