Group members

1.Abdullah Asif
2.Muhammad Hamza
3.Mahad Asif
4.Ali Fakhar
 Introduction
• Input validation in web systems refers to the process
of verifying and sanitizing user input to ensure that it
meets the expected criteria in terms of format, length,
type, and range. It involves implementing checks and
rules to validate user-submitted data, preventing
security vulnerabilities and ensuring the integrity and
reliability of the application. Proper input validation
helps protect against various malicious attacks, such
as cross-site scripting (XSS), SQL injections, and
command injections, while maintaining the overall
security and functionality of the web system.
Input validation Responsibility
• Here are some important responsibilities related
to input validation:
• Data type validation: Verifying that the data
entered matches the expected data type, such as
numbers, strings, dates, or email addresses.
• Length and size validation: Validating that
input falls within acceptable length or size limits.
• Required field validation: ensure that all
necessary input fields are filled out or provided by the
user
• SQL injection prevention: Protecting
against malicious SQL queries that could
manipulate or compromise the database.
• Whitelisting and blacklisting:
Implementing lists of allowed or
disallowed characters, words, or patterns
for input validation.
Why we use input validation

• Security: Input validation helps prevent

security vulnerabilities such as code
injection attacks like Cross-Site Scripting
(XSS) and SQL injection. By validating
input, we can ensure that malicious code
or unexpected input is not executed or
inserted into the system, thus safeguarding
against potential security breaches.
• Data integrity: Input validation ensures
that the data entered by users is accurate and
conforms to the expected format and
constraints. It helps maintain data integrity by
rejecting invalid or inappropriate input,
preventing data corruption or inconsistencies.
• User experience: Proper input validation
provides real-time feedback to users about the
correctness and completeness of their input. It
helps users identify and correct errors quickly,
improving the overall user experience and
reducing frustration.
Advantages
• Improved Security: Input validation
helps prevent security vulnerabilities such as
Cross-Site Scripting (XSS) and SQL injection
attacks, safeguarding the system against
malicious code injection and data breaches.
• Enhanced User Experience: Real-
time validation feedback informs users about the
correctness and completeness of their input,
enabling them to correct errors promptly and
improving the overall user experience.
• Data Integrity: Validating user input
ensures that the data entered meets
expected criteria, reducing the chances of
data corruption, inconsistencies, or errors
in the system.
• System Stability: By validating input,
potential errors or unexpected behaviors
caused by invalid or malformed data can
be detected and handled properly,
preventing system crashes or instability.
Disadvantages
• Overly Restrictive Validation: Excessive or overly
strict input validation can frustrate users if it rejects valid data
or restricts their input options beyond reasonable limits.
Striking the right balance between validation and usability is
crucial.
• Complexity and Development Time:
Implementing comprehensive input validation can be
complex, requiring careful consideration of various data types,
formats, and business rules. This can increase development
time and effort.
• Maintenance Overhead: Input validation may
require ongoing maintenance and updates as new data
requirements or security threats emerge, which can add to the
overall maintenance overhead of the system
THE END