Wordpress Discussion
Wordpress Discussion
Out of context: Reply #72
- Started
- Last post
- 164 Responses
- rupedixon0
Hey Guys, I've got a question about making a really simple contact form for a WP theme I'm developing...
As a rule I have been avoiding any unnecessary plug-ins or third party stuff (less bloated, more secure etc.), but it looks like it might be a good idea to use a contact plug-in (gravity/ninja/not really sure!) because they may be more secure.
Is this right or would a hand-coded form be just as secure relying on the inbuilt WP security...
This is the first theme I have developed so any good contact or security advice is welcome.
thanks
- gravity forms ftwPonyBoy
- security on a form? what data is being sent?fadein11
- I've recently started using CalderaForms on a lot of my sites. It's great.noneck
- CalderaForms is a complete form designer tool isn't? it's a really heavy tool. if you want something easy and effective use contact-from7.sted
- if you need advanced features use gravity.
don't waste your time to do this from scratch. you can bundle the plugins with the themested - oh yeah... contact form7 is nice... and it's packaged-in w/ a number of themes now... although I find myself resorting back to gravityPonyBoy
- Thanks guys, 'contact form7' was in my shortlist, so was 'fast secure contact form', but I liked 'c f 7' more...rupedixon
- @fadein11, just concerned about the form being used to send spam etc...rupedixon
- ah - you just need captcha or similar then.fadein11
- I'll throw another vote for Contact Form 7dee-dubs
- If you build yourself, beyond simple captchas/nonces, you need to be careful to sanitize user input. No SQL, no scripts, virus checking uploads, etc.monNom
- look into SQL injection, XSS, XSRFmonNom