I am making my friend an email form, but I want it to be secure. Do I have to clean up the data on radio buttons? Thanks in advance!

Hmm, I use this:

function cleanup ($data) {
return trim (htmlentities(strip_tags($data)));
}


But I think this removes all html elements. You might do a little research on htmlentities();
And I'm not sure, but try searching for something called "Magic Quotes" I think it has something to do with this.

Good Luck,
David

It's better to clean up all fields submitted. You can however also just verify that the value entered is one of the possible replies.

Lets you have:


<input type="radio" name="whatever" value="yes"> <label for="yes">Yes</label><br />
<input type="radio" name="whatever" value="no"> <label for="no">No</label>


then you can check that the value entered is indeed "yes" or "no":

<?php if ($_POST['whatever'] != "yes" && $_POST['whatever'] !="no") {
echo "Invalid value or whatever you want to show up.";
exit;
}?>

Thank you, it was helpful!