| Re: Validate Radio Buttons? [message #182401 is a reply to message #182384] |
Sat, 03 August 2013 00:10   |
bill
Messages: 310
Registered: October 2010
Karma:
|
Senior Member |
|
|
On 2013-08-01 7:54 PM, Scott Johnson wrote:
> On 8/1/2013 2:16 PM, Twayne wrote:
>> On 2013-07-31 3:07 PM, Jerry Stuckle wrote:
>>> On 7/31/2013 2:20 PM, Twayne wrote:
>>>> Hi all,
>>>>
>>>> I was wondering what the general consensus might be on this:
>>>>
>>>> Should one Validate Radio Buttons for an online website contact form?
>>>>
>> ...
>>
>>>
>>> Good practice means you ALWAYS validate ALL information from the user.
>>> You may have a radio button on your form - but there is no guarantee the
>>> request comes on from your form.
>>>
>>> I can easily build a page which has invalid information and submit it to
>>> your site. Or even use tools like cURL to feed your site invalid
>>> information.
>>>
>>
>> Care to share the "how" of doing that, or better yet some code? This
>> particular form isn't "live" yet or I'd put it somewhere and let you at
>> it if I didn't have orders to the contrary from on-high :)
>> I've done my best but it's obviously not enough or my questions
>> wouldn't exist.
>>
>> Regards,
>>
>> Twayne`
>
> Wasn't the point Jerry was making is that you 'should' validate anything
> coming from the public? Does not mean you have to.
Agreed, no problem there.
>
> Not sure the need to challenge his ability to corrupt your form since I
> think it is well known that a form can be spoofed.....or maybe not well
> known.
What challenging his ability? That was a valid, meaningful question.
He said "that" and I asked for clarification and further information.
Just read, don't try to see between the lines.
>
> I think the premise is that you can ignore the need to validate your
> data but you cannot ignore the consequences of not validating your data.
>
> Just saying. :)
>
> Scotty
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]