-
Junior Member
Email Validation
Hi guys, Just want to know how to attach a email validation script/code to a manual contacts form made in fusion 11, when testing the form it works great (Thanks Adendum) so if anyone can help that's very much appreciated.
Cheers
the rookie
-
Re: Email Validation
In news:rookie.4hni6n@no-mx.forums.netobjects.com,
rookie <rookie.4hni6n@no-mx.forums.netobjects.com> typed:
> Hi guys, Just want to know how to attach a email validation
> script/code to a manual contacts form made in fusion 11,
> when testing the form it works great (Thanks Adendum) so if
> anyone can help that's very much appreciated.
>
> Cheers
>
> the rookie
Hi rookie,
I'm probably not the best one to be responding to this, but your query is a
pretty tall order for a post on a newsgroup.
You can do some security work in HTML, but there will still be some holes
in the security. Javascript isn't good to use, because those trying to hack
you don't bother with javascript.
Do you have any PHP background? Or are you willing to learn it? NOTHING
is 100% secure, but PHP can certainly do a lot for you.
http://www.tizag.com/htmlT/forms.php
http://en.wikipedia.org/wiki/Form_(web)
http://phpsec.org/projects/guide/2.html
http://www.phpro.org/tutorials/PHP-S...-Security.html
http://www.acunetix.com/websitesecur...rms-threat.htm
http://www.w3.org/Security/Faq/wwwsf4.html
In other words, there are a gazllion different ways to do it<g>. The trick
is to find the ones that know what they're talking about and not just some
one who's played with them for a few weeks and parrots things they don't
understand<g>.
Basically, you cannot trust ANY input from ANYWHERE. It has to be
inspected, verified and sanitized before it ever gets used.
Basically,
=================
http://www.phpro.org/tutorials/Valid...er-Input.html:
"
Never trust user input.
This article is an attempt to show how input from web based forms can be
dealt with safely. The first and most fundamental rule in security is 'NEVER
TRUST USER INPUT'. Just in case this is not entirely clear, lets go over it
again.. 'NEVER TRUST USER INPUT'. Whether it be by user stupidity or an
attack from a malicious user, every piece of information you get from
userland should be treated as suspect. Only by vigilantly adhering to this
policy will your scripts and information be secure.
The second rule deals with a legacy from earlier PHP versions.
Never, ever, ever, ever use register globals
PHP now has super globals and it is HIGHLY recommended to use them.
This article is by no means a complete security run down, simply and
explanation of a single facet of securing your scripts. At the absolute
least, variables must be checked for type and length. "
HTH,
Twayne`
-
Senior Member
-
Re: Email Validation
In news:Adendum.4howvn@no-mx.forums.netobjects.com,
Adendum <Adendum.4howvn@no-mx.forums.netobjects.com> typed:
> Hi Rookie,
>
> NOF11 does have validation built in. Check out the
> snapshots here:- 519 520
That's correct, and it's pretty decent code for the most part. I've used NOF
to lay out the forms more than a couple of times. But for validation and
sanitization I use PHP. You can do a lot with NOFs form tool, but if it's
all in HTML then whatever you do is visble to the visitors to evaluate and
find a way around; not good.
But I would still consider researching the links I gave you which point out
the pros/cons of various methods of security so you get a good basis in what
the dangers are and how to hopefully prevent them from affecting you.
Securty for forms is one of those things that are very subjective and in
general a new, generally small unknown site won't have a lot of problems but
others might find themselves hacked in just a few days or weeks or months.
It all depends on who spots you and whether they think your site might be
worth the time to hack, for fun, profit or purely to be malicious.
If you haven't come across them yet, here are two sites that do an excellent
job of evaluating your web site and reporting any problems they find. And
free of course. There are many others but these are the two I use and know:
googleAnalytcs.com: all knds of info on your web site. visitors, uniques,
OS's, speed, rate, browser used, search engines that crawled, raw accesses,
landing page, leaving page, etc. etc. etc., all by day week month and %
change from last month or as far back as you want to go. Very useful for
gauging the success of your site. Takes a few days for it to collect enough
data to start showing it; usually abt 3 days you'll see data starting
yesterday, day after you set it up.
NOF will also automatically add the analytcs code to each of your pages
if you wish.
http://www.websiteoptimization.com/services/analyze/ : Web site
optmization. Makes suggestions on how tospeed up site, get better speed,
etc.. Excellent resource.
Enjoy your web site design; it can be rewarding,
Twayne`
>
>
> +-------------------------------------------------------------------+
>> Filename:
>> validate2 ;..jpg|
>> Download:
>> http://forums.netobjects.com/attachm...achmentid=520|
> +-------------------------------------------------------------------+
>
>
> Paul - 'Aditerum' (http://www.aditerum.co.uk) & Adendum
> NOF11 (in Admin mode!); Vista Premium 64bit; AMD Phenom
> IIx4 945 Processor 3.00Ghz; 8.0Gb RAM
> -Wouldn't it be great if there was only a single browser to
> worry about!!!-
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules