I have a registration form, I need to send it to a PHP file via Ajax Post. What is the best and safest way for the form? It may be a small subject or it may be a long subject, depending on how many ' Safe'? What are your worries here?
Take a look at this basic example:
Actually, the rule does not trust the customer ever. This example goes into conclusion (hard for pancreatic) through input, and any script strips the content which can be the cause of the injection if you output the results later, then it submits to the server. Is and outputs content for fun.
You should not believe that This is in your domded block. HTML is for jsfiddle simulated Ajax output and does not really require it in production . StripQ () has worked and in PHP, strip_tags and any security measures by which a user Apply mysql_real_escape_string etc.
(function () {var form = document.id ("register"), Els = form.getElements ("input.required"), result = document.id ("result") ; Form.addEvent ("submit", function (e) {e.stop (); var errors = false; // Clear input from cross site scripting and some basic verification, inside you (function (AL) { Var value = el.get ("value"). Striprin (); if (value.length & lt; 3) / / example minimum 3 length errors = true; el.set ("value", value); }); If (! Errors) {// set jsfiddle html. Document.id ("html") .set ("value", "secure protected data was: using ("Value"), pass: "+ document.id (" pass "). (" Value "); new request ({url: this .get ("verb"), data: this, complete: function () {result.set ("html", this.response.text);}}) Send ();} and {warning ("at least Fill all the required fields with 3 characters ");}});}) ();
Comments
Post a Comment