Don't count on form field's maxlength property

I've talked about this before, but don't count on maxlength in your form fields. Why? Because it is trivial to turn it off using Firefox's Web Developer toolbar extension. I was looking at a ColdFusion-based shopping cart solution today, and noticed that when I did this to their cart display, I was able to enter a huge number for the line item. What was my final line item price?

499, 900, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000.00

I hope that comes with free shipping. I'm not revealing the name of the product as I've emailed them to inform them of the bug and I'm sure I've made the same mistake myself as well. Of course, if I don't hear back maybe I will anyway. ;)
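A server-side check that enforces the same limit the form advertises, shown as an added example that is not code from this post or from the cart product. The limits, the function names and the unit price in the sample run are assumptions chosen for illustration.

```javascript
// Added example: validate a cart quantity on the server, where the
// browser's maxlength attribute has no effect.
// MAX_QTY_DIGITS, MAX_QTY and both function names are hypothetical.
const MAX_QTY_DIGITS = 3; // the limit the form's maxlength would advertise
const MAX_QTY = 999;

function parseQuantity(raw) {
  // Repeated or missing form fields can arrive as arrays or undefined.
  if (typeof raw !== "string") {
    return { ok: false, error: "quantity must be a single string value" };
  }
  const value = raw.trim();
  // Enforce the length here: maxlength is only a hint to the browser.
  if (value.length === 0 || value.length > MAX_QTY_DIGITS) {
    return { ok: false, error: "quantity length out of bounds" };
  }
  // Digits only: rejects signs, decimals, exponents ("1e9") and hex ("0x1").
  if (!/^[0-9]+$/.test(value)) {
    return { ok: false, error: "quantity must be a whole number" };
  }
  const quantity = Number.parseInt(value, 10);
  if (quantity < 1 || quantity > MAX_QTY) {
    return { ok: false, error: "quantity out of range" };
  }
  return { ok: true, quantity };
}

function lineTotalCents(unitPriceCents, rawQuantity) {
  const parsed = parseQuantity(rawQuantity);
  if (!parsed.ok) return parsed;
  // Integer cents avoid float drift; the safe-integer check is a backstop
  // in case the limits above are ever raised.
  const totalCents = unitPriceCents * parsed.quantity;
  if (!Number.isSafeInteger(totalCents)) {
    return { ok: false, error: "line total overflow" };
  }
  return { ok: true, quantity: parsed.quantity, totalCents };
}

// Constructed sample submissions, including one with maxlength removed.
const samples = ["2", "999", "1000", "1" + "0".repeat(60), "1e9", "-5", ""];
for (const s of samples) {
  console.log(JSON.stringify(s.slice(0, 12)), lineTotalCents(49900, s));
}
```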
