AnsweredAssumed Answered

Data API Security Risks

Question asked by danjamins on Dec 26, 2018
Latest reply on Dec 26, 2018 by danjamins

Hi all,


I'm making a standard contact form that is integrated with my FM database via the data API. The web page is PHP/HTML5 and just performs standard cURL operations to submit the data to FM after validating it.


My question is: even though it's not an SQL database, do I need to worry about SQL injection? Are there any similar vulnerabilities with the data API or is it pretty safe?


The form itself just uses a login that only has access to create a record in the contacts table and only has access to the fields available on the web form.