[FX.php List] Security Concerns
Joel Shapiro
jsfmp at earthlink.net
Thu Jan 25 13:50:52 MST 2007
Sorry I wasn't clear. Here's the situation:
1) form page contains: <input type=text name=email value="">
2) php process page creates new FM record and places $_POST['email']
into FM field "ContactEmail"
3) FM field "ContactEmail" is *never* returned to on any web page
(neither displayed nor hidden)
Are the contents of the "ContactEmail" field accessible to bots?
(Is that any clearer?)
Thanks,
-Joel
On Jan 25, 2007, at 12:32 PM, Edward L. Ford wrote:
> I'm not sure what Joel exactly means here -- I'm thinking putting
> data from FileMaker in a hidden HTML text field, in which case,
> bots can certainly see the data -- all anyone needs to do is view
> the page source to see the "hidden" data. For any sort of data you
> need to have persistent in your application but don't want
> displayed, PHP sessions are probably the best solution.
More information about the FX.php_List
mailing list