TOPIC: Form validation and XSS protection

Dear Sir and Madam,

wer are interested in Matukio for Joomla 3. Unfortunately i can't find any informations about form field validations and XSS protection for the registration forms. Does your component have these? Is it possible to add custom validations for each form field?

I'm looking forward to hear from you.

Best regards,

Kevin Chileong Lee

Hi Kevin,

the validation is done twice, once in JavaScript and once in PHP. And yes all Matukio forms do use the Joomla XSS protection (form.token).

You currently can't add custom validations, this is planed for a later version though.

Kind regards,
Yves

Hi Yves,

thank you for your quick response. Are the validations predefined or is at least possible to use regex validation?

Edit:
And i have one more question related to the XSS protection. Can we make sure that no script tags are able to fill in those forms and is it save that by viewing the forms in the backend that no scripts are being executed?

Best regards,
Kevin

The validations are predefined.

Can we make sure that no script tags are able to fill in those forms and is it save that by viewing the forms in the backend that no scripts are being executed?

We strip and escape any html / scripts etc from the input before we save it. We are using Joomla JInput, which applies filter rules etc. and follow the joomla standards to prevent attacks of this kind.

Kind regards,
Yves

Thanks, that is enough information to me.