cis498-g4 / GuestBook

Guest book and feedback system for events

Verify user names and emails being added to the database #37

Closed mikemolenda closed 7 years ago

mikemolenda commented 7 years ago

This should solve the SQL injection / XSS problem

mikemolenda commented 7 years ago

Use same validate email with regex used for checking CSVs. Add special character checks to name fields. Disallow <>=:;'"/\

mikemolenda commented 7 years ago

Fixed 5/9/2017
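
The checks proposed in this thread, as an added example that is not the project's own code: a name check using the exact character set listed in the issue, an email format check, and an insert that binds values as parameters. The email pattern, the `guests` table, the function names and the use of `sqlite3` are assumptions, since the page shows neither the project's regex nor its schema; sample inputs are constructed.

```python
import re
import sqlite3

# Characters the issue says to disallow in name fields: <>=:;'"/\
DISALLOWED_NAME_CHARS = set("<>=:;'\"/\\")

# Assumption: stand-in pattern; the project's CSV email regex is not on the page.
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def validate_name(name):
    """Return the disallowed characters present in name (empty list = acceptable)."""
    return sorted(set(name) & DISALLOWED_NAME_CHARS)


def validate_guest(first, last, email):
    """Collect every validation error instead of stopping at the first one."""
    errors = []
    for field, value in (("first_name", first), ("last_name", last)):
        if not value.strip():
            errors.append(f"{field}: empty")
        bad = validate_name(value)
        if bad:
            errors.append(f"{field}: disallowed characters {''.join(bad)}")
    if not EMAIL_RE.fullmatch(email):
        errors.append("email: invalid format")
    return errors


def add_guest(conn, first, last, email):
    """Validate, then insert with bound parameters (hypothetical guests table)."""
    errors = validate_guest(first, last, email)
    if not errors:
        # Values are bound, never concatenated into the SQL text.
        conn.execute("INSERT INTO guests (first_name, last_name, email) "
                     "VALUES (?, ?, ?)", (first, last, email))
    return errors


def demo():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE guests (first_name TEXT, last_name TEXT, email TEXT)")
    samples = [  # constructed inputs
        ("Ada", "Lovelace", "ada@example.com"),   # accepted
        ("<b>Ada</b>", "Lovelace", "ada@example.com"),  # markup in name
        ("Ann", "O'Brien", "ann@example.com"),    # apostrophe is on the list too
        ("Bob", "Smith", "bob@@example"),         # malformed email
    ]
    results = [add_guest(conn, *s) for s in samples]
    stored = conn.execute("SELECT COUNT(*) FROM guests").fetchone()[0]
    return results, stored


if __name__ == "__main__":
    print(demo())
```

Because the listed set includes the apostrophe, a legitimate surname such as O'Brien is rejected by the name check.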