Further further to last message...

I've created a "test" version http://weldsmith.co.uk/contactformtest/contact.html where everything else is identical but I've

* commented-out the one line which actually sends the message which has been assembled (ie. it doesn't send messages / use resources)
* switched to a text-echo where the message would have sent (not HTML "Succesfully send" page)

So you can try time-and-again to make the thing "crap-out" no problem at all... :-)

I've "filtered" the form's inputs, and put in bounds-checks of how big variables can be (fairly enormous vs. typical entries, but enough to stop (?) a denial-of-service attack). That is all identically the same as in the "actual" version.

So - show me how I have missed out security features, etc. and how good you are at finding these shortcomings...

Best wishes,
Rich Smith

--
The Mailing List for the Devon & Cornwall LUG
FAQ: https://www.dcglug.org.uk/faq/