digg

Facebook Connect Join Digg About

How to create a secure AJAX driven contact form

artviper.eu Here's a solution how to create a secure form, that doesn't allow potentially dangerous chars to be entered for name, email, message. It checks and removes them automatically while typing. In addition, the email address is validated while typing it in. No XSS, sql injections or any other potentially dangerous content can be submitted.

Who dugg this?

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

2 Comments

show profanity settings
expand all
  • iWasHere, on 10/11/2007, -0/+1What the form is trying to accomplish is great, but client-side validation is not enough. Although, The site does not say whether or not they are doing any server-side validation.

    Just because javascript validates something, does not mean that it is impossible for evil data to be submitted.

    Nice looking form, though!
  • artViper, on 10/11/2007, -0/+0Yes, you're right, that's why I said "add a submit function yourself". Commonly I use ajax in conjunction with php to strip the input again from anything unwanted, as you can read here: www.artviper.net/wp/archives/3 -> form validation with ajax and php.

    cheers

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...

© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.