I'm developing a contact form for my site, as usual I first leave it functional, and then work on the security of it.
For a simple form, which will only receive a name
field, another email
field, and finally a message
field; What care should be taken with this form regarding safety?
I'm not experienced in PHP, but I've read articles telling us that forms that access the MySQL database can be manipulated in a way that malicious users can access information they should not have.
Is there any such danger when there is no interaction with the database?
I know that I should do the validation to prevent the user from sending an empty field for example.