So I’ve basically learned why it’s the best practice to use PHP when doing form validation and submission. You just can’t let the user see what your form is doing… you really just can’t. I mean I’ve always been taught it but after having completely broken a site using a simple spam script (using their own code to send through the data), it just reinforced those lessons. Hopefully there’s no hard feelings.

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: