I just want to confirm that Crowdpurr sanitizes submissions (particularly as it relates to text-based answers).
We do a feedback question in the middle of our game and one person wrote, “you should make sure you’re sanitizing your inputs. I had an evil plan to try an SQL injection but I’m too nice”
I figure the inputs are sanitized, but it doesn’t hurt to verify.
Hi Dale. Yes, we sanitize all text inputs. Participants are unable to perform an SQL injection.
Our database doesn’t use SQL anyway. Sounds like someone having some fun.
OK- great. I figured you would not have overlooked this kind of thing, but thought I’d be tempting fate if I didn’t verify. We have been impressed top-to-bottom with Crowdpurr. Thank you for such a great platform!