3
I am developing a contact form for my site, as usual I first make it functional, and then work on the security of it.
In the case of a simple form, which will only receive one field name
, another field email
and finally a field message
; What precautions should be taken with this security form?
I’m not experienced in PHP, but I’ve read articles telling us that forms that access the Mysql database can be manipulated in such a way that malicious users can have access to information that they shouldn’t have.
Is there any danger like this when there is no interaction with the database?
I know I must do the validation to prevent the user to send an empty field for example.