+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: CodeIgniter 4 (https://forum.codeigniter.com/forumdisplay.php?fid=28)
+--- Forum: CodeIgniter 4 Support (https://forum.codeigniter.com/forumdisplay.php?fid=30)
+--- Thread: form and security (/showthread.php?tid=76041)
form and security - pws - 04-09-2020
Hello,
what's the difference between using form helper and build normal html form?
How i can secure more my form?
THe request->getVar() is enoufgh for security?
RE: form and security - jreklund - 04-09-2020
CSRF protection are automatically added.
No, getVar have nothing to do with security. You need to use validation filtering, only accepting the types of data as you want.
You only want numbers? Only accept them.
A-Z? Just accept them, no numbers, no <> etc.
RE: form and security - pws - 04-09-2020
Hello,
have link to i can i check the validation filtring how working?
have a function can apply it for getVar() to secure it?
RE: form and security - jreklund - 04-09-2020
It's all in the manual.
https://codeigniter.com/user_guide/libraries/validation.html