maxlength attributes in forms - 08/01/2002 2:05 PM
I noticed that templates/default/editbasic.tmpl doesn't have maxlength attributes for the input fields. I didn't check, but I suppose the other forms are the same.
If you enter too much text in a field, it's not detected until the form is submitted. Although that check should always be performed after the form has been submitted, not having a limit within the form itself creates a couple of potential problems:
1) Depending on your browser settings, the form field contents may be lost when you go back to the form to correct the mistake.
2) People could make Denial of Service attacks by posting very large amounts of data into a form.
In the case of textarea fields, I don't think a maxlength attribute can be used, but a length limit could be done with Javascript.
If you enter too much text in a field, it's not detected until the form is submitted. Although that check should always be performed after the form has been submitted, not having a limit within the form itself creates a couple of potential problems:
1) Depending on your browser settings, the form field contents may be lost when you go back to the form to correct the mistake.
2) People could make Denial of Service attacks by posting very large amounts of data into a form.
In the case of textarea fields, I don't think a maxlength attribute can be used, but a length limit could be done with Javascript.