Graham, Thank you. Actually , you suggested this site to me the other day and it's great! I have read through a number of documents and have a few more to get through. How would a hacker pass an HTTP message ? That is interesting. Stuart --- Graham Cossey <graham@xxxxxxxxxxxxxxx> wrote: > [snip] > > Hope this is not off topic, and it might be a dumb > > question, but I'm new. > > For drop down menus, list boxes, selects etc, > would > > validation be needed to check the string , say for > > special characters ? (as a security precaution) > > I have read several posts/articles on this matter > and although the actual > HTML form will only pass the values available, it is > possible for a hacker > to compose an HTTP 'message' with data other than > that provided by the HTML > form. > > So, validation is advisable. > > A site that I would highly recommend as it has > enlightened me on several > topics is: www.shiflett.org > > Graham > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
