Download Shareware and Freeware Software for Windows, Linux, Macintosh, PDA

line Home  |  About Us  |  Link To Us  |  FAQ  |  Contact

Serving Software Downloads in 976 Categories, Downloaded 29.858.006 Times

Paranoid Form Validator 6.x-1.0

  Date Added: June 04, 2013  |  Visits: 242

Paranoid Form Validator

Report Broken Link
Printer Friendly Version


Product Homepage
Download (18 downloads)



Paranoid Form Validator can be used to prevent security attacks (cross-site scripting, SQL injection) carried out by submitting forms with malicious data in some cases. It works by adding extra validation to forms and raising error if unsafe data were submitted in form fields.Usually these attempts would not be a real threat if the module developers properly verified every input data. But rarely, errare humanum est, developers make mistake and leave security holes in the web page (just take a look at Drupal security advisories).This module is for you, if * you are a power user having full understanding the limits of this module (see ongoing #732858: Provide explanation that this is an incomplete and "un-Drupal" way of handling the problem),and * your site does not need formatted user input, every data entered is simple plain text, so you can afford getting rid of rich input, and * or you are developing a module and you feel insecure if you really put check_plain everywhere, * or you use modules which you are not sure the quality of.Usage.This module can reject any submitted form if it finds suspicious data posted. You can control which forms must be checked or which forms are trusted and no need to check. Note that data posted by users with the 'submit unchecked form' permission are not checked. Data posted from the form paranoidvalidator_admin_settings (the admin page of the module) is never checked either.When malicious input found and considered as a possible break-in attempt, an event is triggered so you can assign actions to this trigger. Two sample actions are already present: one to log, one to display the incident. See the Triggers page for more info.Important notes: * This module is not enough to protect an insecure site. It only prevents users to enter malicious data in the future. If your database is already tainted, or your data came elsewhere (e.g. another application), this module does not help you. * Generally it is not the best attitude to filter input data instead of carefully handling data inside the program code. But it is clear that if there is a bug in a module (which you do not indend to fix yourself), this decreases the possibility that a security whole can be exploited. So this module is paranoid because it assumes that some module is buggy. * This module conflicts with any sophisticated input filter methods, it supports only the simplest case where no rich input allowed at all.

Requirements: No special requirements
Platforms: PHP
Keyword: Actions Checked Developers Filter Forms Handling Input Insecure Malicious Module Permission Present Security Submitted Unchecked Users
Users rating: 0/10

License: Freeware Size: 10 KB
USER REVIEWS
More Reviews or Write Review


PARANOID FORM VALIDATOR RELATED
Form Processors  -  PHP Form Extension Project 0.6.1
PHP Form Extension Project provides HTML form handling functions as PHP module. There are many form classes/functions implemented as PHP script. However, they are not fast enough or lack features. This project aims to provide HTML form handling...
 
Modules  -  Chessboard Renderer 5.x- 1.0
Include this filter in a input format in order to use it.InstallationUnpack in your modules folder (usually /sites/all/modules/) and enable under Administer > Site Building > Modules. Requirements: - Drupal 5.x
 
Modules  -  Chessboard Renderer 5.x- 1.0
Include this filter in a input format in order to use it.InstallationUnpack in your modules folder (usually /sites/all/modules/) and enable under Administer > Site Building > Modules. Requirements: - Drupal 5.x
 
Modules  -  HTML corrector 1.0
The filter scans the input, builds up a list of open tags and closes them when needed. This module does not format HTML in order for the output to validate to the specification, but rather just makes sure all tags are closed.InstallationUnpack in...
 
Productivity  -  App4Dev 1.0.0.0
This application is for all beginner developers to see some input data. The data displayed on this app is: - Raw Gesture Data - Raw Accelerometer Data - Raw Orientation Data You can see raw accelerometer values so you can produce...
1024 KB  
Business  -  Spamato Spam Filter System 0.99.9
Spamato is a spam filter system that combines several anti-spam techniques, from which thousands of users benefit. It is available as an add-on for Thunderbird and Outlook, and as a stand-alone proxy for other email clients. IMAP and POP are...
4.97 MB  
Modules  -  JsMath for displaying mathematics with TeX 6.x-2.0
IntroductionThis module enables the jsMath script for displaying mathematical expressions. Users can enter arbitrary mathematical expressions in their drupal content by using the standard TeX syntax, including LaTeX and AMSLaTeX. jsMath renders...
10 KB  
Database Tools  -  PHP Generic Access Control List 3.3.7
PHP Generic Access Control List is a PHP class that offers Web developers a simple, yet immensely powerful "drop in" permission system for their current Web-based applications..
2.6 MB  
Modules  -  Browser Support 5.x-1.x-dev 1.0
The motivation behind the module is so that web developers can concentrate on building their site for recent browsers and ask their users to upgrade if they use an older browser that does not display the site properly.Unsupported browsers will be...
 
Modules  -  Advanced help 1.0
The advanced help module allows module developers to store their help outside the module system, in pure .html files.The files can be easily translated simply by copying them into the right translations directory. The entire system can appear in a...
 
NEW DOWNLOADS IN SCRIPTS, MODULES
Scripts  -  Free Ecommerce website creator 1.2
Free Ecommerce website creator is a free PHP shop creating script. This allows you to put a online shop on your own website. Create your own free ecommerce website for Your Business. Create an online shop using easyGUI online shop creator. The...
1.44 KB  
Scripts  -  MochiGames PHP Script ZDR 1.00
MochiGames PHP Script ZDR is web site, ready for use, for flash games. These flash games are downloaded automatically by "MochiGames PHP Script ZDR" from MochiGames media. The use of the games is free, you can use your own Mochi Publisher ID and...
368.54 KB  
Scripts  -  Php Chat 2.0
Add a free php site, single sign-on and multiple skins, 100% free 1. Server Modes: The chat server has paid mode and free mode. If the free chat mode, a free chat room will be assigned to your website with your domain as the room name. 2....
938.87 KB  
Scripts  -  Nibbleblog 3.0.1
Nibbleblog it's a powerful engine for creation and manipulation of BLOG's completely free. Very simple to install and configure (Only 1 step). The database used is based on XML files and this way it is not necessary to use MySQL or similar DBMS....
371.09 KB  
Scripts  -  PHP File Manager | CloudOsys 2.9b8
CloudOsys is a PHP file manager, a tool that allows your visitors upload files such as media content directly to your website. Your visitors will upload files directly to your website, where they can share and comment on them. Through cloud...
1.41 MB  
Modules  -  TinyMCE Node Picker 6.x-2.1
This module will de discontinued and replaced with Node Picker as soon as a stable release is available.TinyMCE Node Picker provides a button in TinyMCE that displays a list of links to content. Choosing a link inserts it into the editor.The...
20.48 KB  
Modules  -  Fapilicious 5.x-1.x-de
Fapilicious is a collection of FormAPI goodies.I hope to make it a repository of reusable FormAPI trickery and short cuts. Currently it has small collection of powerful FormAPI element validators.Please submit your favorite tricks as patches so we...
10 KB  
Modules  -  Donation Goals 6.x-1.x-de
The Donation Goals module lets you create nodes of the type "Donation Goal." These goals allow you to set an amount of money you'll need for whatever you're saving up for. Visitors of the site can then donate money through PayPal. Once the target...
20.48 KB  
Modules  -  Plica Twitter 1.0.1
Plica TwitterInstallation : * Download, unzip, and install plugin dir in /wp-content/plugins * Activate * All right now
10 KB  
Modules  -  Page Array 5.x-1.x-de
The pagearray module is a small (single function) helper module that can be used whenever there is a need to load the output of any Drupal path in data form. Based on the code in index.php, Page Array bypasses the theme('page') call, instead...
10 KB