Should you do validation checks that go outside the possibility of normal user activity?
Posted by Scarface on Stack Overflow
Published on 2010-04-10T03:21:16Z
Hey guys, I have been thinking about form security a lot lately. I have been told time and time again to check if form input is a number if you are expecting a number or escape it in case (unless you use proper mysqli formatting) to avoid injection.
1. After the safety checks are done, should I do additional logic checks? For example, if the user is sending a friend request to themselves, even if my user interface will not show the form if the user is looking at their own page.
© Stack Overflow or respective owner
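An added example, not part of the original post: the friend-request case from the question handled on the server, where the type check, the parameterized query and the "not yourself" logic check all run regardless of what the form shows. The table and function names are hypothetical, and an in-memory SQLite database stands in for the poster's MySQL/mysqli setup.

```python
import sqlite3

class RequestRejected(Exception):
    """Raised when a friend request fails a server-side check."""

def parse_user_id(raw):
    # Type check: only a short run of ASCII digits is accepted as an id.
    if not isinstance(raw, str) or not raw.isascii() or not raw.isdigit() or len(raw) > 18:
        raise RequestRejected("recipient id must be a positive integer")
    value = int(raw)
    if value == 0:
        raise RequestRejected("recipient id must be a positive integer")
    return value

def send_friend_request(db, session_user_id, raw_recipient_id):
    # The sender comes from the authenticated session, never from the form.
    recipient_id = parse_user_id(raw_recipient_id)
    # Logic check: the UI hides this form on your own page, but a
    # hand-crafted POST can still arrive, so the server refuses it too.
    if recipient_id == session_user_id:
        raise RequestRejected("cannot send a friend request to yourself")
    # Parameterized queries keep the input out of the SQL text.
    if db.execute("SELECT 1 FROM users WHERE id = ?", (recipient_id,)).fetchone() is None:
        raise RequestRejected("no such user")
    try:
        with db:  # commits on success, rolls back on error
            db.execute(
                "INSERT INTO friend_requests (sender_id, recipient_id) VALUES (?, ?)",
                (session_user_id, recipient_id))
    except sqlite3.IntegrityError:
        raise RequestRejected("request already pending") from None
    return recipient_id

def make_demo_db():
    # Constructed sample schema and data; the constraints repeat the logic
    # checks in the database as a second line of defence.
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT NOT NULL);
        CREATE TABLE friend_requests (
            sender_id    INTEGER NOT NULL REFERENCES users(id),
            recipient_id INTEGER NOT NULL REFERENCES users(id),
            CHECK (sender_id <> recipient_id),
            UNIQUE (sender_id, recipient_id));
        INSERT INTO users VALUES (1, 'alice'), (2, 'bob');
    """)
    return db
```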