Php form submit


#1

Hi All,

I’ve been working on getting online sign-up forms for my website and trying to use jquery and php. Reading through things, I’ve been a bit spooked by the concerns over security and hacking and wondering:

  1. Can you use a separate php file to do form processing with DreamHost? (thus far I’ve gotten emails to arrive but not with correct data)

  2. Is it just best to use the DreamHost FormMail and is that safe and secure? (particularly with email harvesting and validation)

Admittedly, I’m a bit in over my head with some of this and still trying to get a knack for jquery, ajax, and php.

Thanks in advance for your help!


#2

What are your concerns over security and hacking?


#3

One concern is over email being susceptible to spam having it embedded in the html code when using FormMail in the html document.

The other is having read about php email injecting that certain code can be exploited by spammers to send junk mail.


#4

I don’t use DH formmail and I’m not sure about their security levels.

Some framework (symfony) provides nice features to stress the security issues.

If you are not using framework, read this
https://www.owasp.org/index.php/Main_Page


#5

For beginners with no knowledge of best practices and security issues I would reccomend just sticking to dreamhost formmail. While the formmail.dreamhost.com page is old and not very informative, there is a wiki page now that includes an example.