Surendra Kulkarni
6,826 Points
How safe this website will be
I have made a website using inc (header & footer) as learned in this tutorial, but as a newbie I wonder if the website will be safe?
3 Answers
Brian van Vlymen
12,637 Points
In which way will the website be safe? Can you tell me a little more detail about it?
Surendra Kulkarni
6,826 Points
Thanks Brian. My concern is I have a contact form, so data (email, name, message) is coming in from the user. On googling form security I found many ways a malicious attack could happen. I understand my query is vague; this is because of my lack of knowledge of PHP. I have done the form as per the tutorial, so I would like to know what else in terms of data validation/sanitization I need to do. Particularly, do I have to escape every " ?
Thanks in advance for your help. Cheers!
<?php
$pageTitle = "Julie Dahl-Contact";
$section = "contact";
include ('inc/header.php');
?>
<script type="text/javascript">
  var RecaptchaOptions = { theme : 'custom', custom_theme_widget: 'responsive_recaptcha' };
</script>
<section id="formContainer">
  <h3>I would love to hear from you ..</h3>
  <p>Phone me on 0402 226 857 <br> or <br> Send me an email... </p>
  <form action="php/contact.php" method="post" name="jdform" id="form" onSubmit="MM_validateForm('name','','R');return document.MM_returnValue">
    <input name="name" type="text" required class="txtinput" id="name" tabindex="1" value="Your name">
    <input name="email" type="email" required class="txtinput" id="email" tabindex="2" value="Your e-mail address" size="40" maxlength="40">
    <textarea name="message" class="txtblock" id="message" tabindex="3">Your message..</textarea>
    <div id="responsive_recaptcha" style="display:none">
      <div id="recaptcha_image"></div>
      <div class="recaptcha_only_if_incorrect_sol" style="color:red">Incorrect please try again</div>
      <label class="solution">
        <span class="recaptcha_only_if_image">Type the two words:</span>
        <span class="recaptcha_only_if_audio">Enter the numbers you hear:</span>
        <input type="text" id="recaptcha_response_field" name="recaptcha_response_field" />
      </label>
      <div class="options">
        <a href="javascript:Recaptcha.reload()" id="icon-reload">Get another CAPTCHA</a>
        <a class="recaptcha_only_if_image" href="javascript:Recaptcha.switch_type('audio')" id="icon-audio">Get an audio CAPTCHA</a>
        <a class="recaptcha_only_if_audio" href="javascript:Recaptcha.switch_type('image')" id="icon-image">Get an image CAPTCHA</a>
        <a href="javascript:Recaptcha.showhelp()" id="icon-help">Help</a>
      </div>
    </div>
    <script type="text/javascript" src="http://www.google.com/recaptcha/api/challenge?k=6LckTu4SAAAAAP-5MVrN6WZPfLQ4mRyg-Kva6CPG"> </script>
    <noscript>
      <iframe src="http://www.google.com/recaptcha/api/noscript?k=6LckTu4SAAAAAP-5MVrN6WZPfLQ4mRyg-Kva6CPG" height="300" width="500" frameborder="0"></iframe><br>
      <textarea name="recaptcha_challenge_field" rows="3" cols="40"> </textarea>
      <input type="hidden" name="recaptcha_response_field" value="manual_challenge">
    </noscript>
    <section id="buttons">
      <input type="submit" name="submit" id="submitbtn" class="submitbtn" tabindex="7" value="Submit this !">
      <br style="clear:both;">
    </section>
  </form>
</section><!--eof formcontainer-->
<?php include ('inc/footer.php');
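A server-side check for the three fields this form posts, as an added example that is not part of the original post or the tutorial's code. It shows that quotes are not escaped on input but with `htmlspecialchars()` at the point a value is written into HTML, and that values headed for a mail header are rejected if they contain line breaks. Assumptions: the helper names `validate_contact()` and `h()` are hypothetical, the name and message length limits are illustrative, and the 40-character e-mail limit mirrors the form's `maxlength`.

```php
<?php
// Added example: not the poster's php/contact.php. Field names match the form above.
// validate_contact() and h() are hypothetical helper names.

/** Validate the posted fields. Returns [clean values, errors keyed by field]. */
function validate_contact(array $post): array
{
    $errors = [];
    // Non-string input (e.g. name[]=x arrives as an array) is treated as empty.
    $get = fn(string $k): string => is_string($post[$k] ?? null) ? trim($post[$k]) : '';
    [$name, $email, $message] = array_map($get, ['name', 'email', 'message']);

    // The form pre-fills hint text through value="..."; treat it as empty.
    if ($name === '' || $name === 'Your name') {
        $errors['name'] = 'Name is required.';
    } elseif (strlen($name) > 100 || preg_match('/[\r\n]/', $name)) {
        // CR/LF in a value later placed in a mail header would add header lines.
        $errors['name'] = 'Name is not valid.';
    }

    // FILTER_VALIDATE_EMAIL rejects malformed addresses, CR/LF included.
    if (strlen($email) > 40 || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $errors['email'] = 'E-mail address is not valid.';
    }

    if ($message === '' || $message === 'Your message..') {
        $errors['message'] = 'Message is required.';
    } elseif (strlen($message) > 5000) {
        $errors['message'] = 'Message is too long.';
    }

    return [['name' => $name, 'email' => $email, 'message' => $message], $errors];
}

/** Escape a value for HTML output; quotes are handled here, not on input. */
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

// Constructed sample submissions, not real data.
$samples = [
    ['name' => 'Ann', 'email' => 'ann@example.com', 'message' => 'Hi "Julie" <b>!</b>'],
    ['name' => "Bob\r\nX-Extra: 1", 'email' => 'bob@example.com', 'message' => 'Hi'],
];
foreach ($samples as $post) {
    [$clean, $errors] = validate_contact($post);
    echo $errors ? 'rejected: ' . implode(' ', $errors) : 'ok: ' . h($clean['message']), PHP_EOL;
}
```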
Surendra Kulkarni
6,826 Points
I have resolved web security issues