I'm creating a form on my website which sends an e-mail to me containing the text that the user inputs, they don't need to sign in or anything.
Some questions:
- Should I store information in global session variables or pass them to another page using POST which will then send a mail?
- Do I perform form validation using PHP, JS or both? If so, what should I look out for?
- There is an option for a user to upload a PHP document. How do I make sure they can't send me viruses etc. in that document?
Thanks in advance!