form data - 09/28/05 10:28 AM
This very well could go under the newbie section but since its regarding PHP/HTML I figured my question is best served here.
I'm reading my book and as I read it states "In terms of both error management and security, you should absolutely never trust the data being entered into a form".
Ok, So here comes the question.
Why not? Are they referring to when the form is being entered into say mysql and then the info from the form can dictate stuff in the database? I know that didn't come out exactly as I am thinking but its close. Why exactly should I scrutinize form data. Any insight would be greatly appreciated.
I'm reading my book and as I read it states "In terms of both error management and security, you should absolutely never trust the data being entered into a form".
Ok, So here comes the question.
Why not? Are they referring to when the form is being entered into say mysql and then the info from the form can dictate stuff in the database? I know that didn't come out exactly as I am thinking but its close. Why exactly should I scrutinize form data. Any insight would be greatly appreciated.