Hello all,

I have a simple question concerning the security of my form.

I have a very basic PHP script that interacts with a series of checkboxes.

This form only consists of:

1. several checkboxes

2. textarea field to output echoed data, which does not process any inputed data


When a checkbox is selected it echoes back some text to the textarea field when the form is processed.

As I said before this script is very basic.

So - my questions are as follows:

a. Given that it doesn't interact with any databases or display/save anything viewable by the public, does this form still need to be secured/validated?

b. If so, any ideas on how i can secure it?


An article that i was reading said:

Regardless of its mode of execution, the PHP interpreter has the potential to access virtually every part of the host -- the file system, network interfaces, IPC, etc.
Does this apply to ALL PHP scripts? Or only scripts that interact with a database?

Thanks