We have spent a whole chapter looking at validation, but if you look at the major companies that have faced information security breaches over the last few years, you'll agree that security is worth spending some time on. We looked specifically at cross-site scripting or XSS attacks, but we also discussed some more general points of input validation. This takes us to the end of our second project.

One thing that is notably missing is to work out who added which crimes. If one malicious user adds a bunch of bogus crimes to our database, they could potentially mess up our entire dataset!

In our next project, we'll look at authenticating users through a User Account Control system, which will give us more control over who we let on our site ...