w3hello.com logo
Home PHP C# C++ Android Java Javascript Python IOS SQL HTML videos Categories
Should _post data from buttons be sanitized?

Yes you should sanitize anyway, as someone could modify the HTML before submitting the form.

On newer browsers you can right-click -> inspect element, which allows users to modify the HTML page as they see fit, they could modify your hidden fields or select values as they see fit.

Here is another thread on the subject : Are drop down select fields vulnerable to any sort of injection

Note : Use prepared statements for all your queries, this is a good habit to take and will ensure your queries are always sanitized.

© Copyright 2018 w3hello.com Publishing Limited. All rights reserved.