I am creating a website with the CMS MediaWiki and its extension named ContactPage. The website is principally all core and I use only that one extension ContactPage (as one which is not one of the core extensions already shipped with the MediaWiki core).
Defaultly, submitted ContactPage forms are not saved in MediaWiki’s MySQL database so I don’t fear of SQL injections, but, I do have this problem were currently MediaWiki ContactPage doesn’t support a phone number field type and a website field type, so to ask a customer for a
- containing phone number or a web domain would most likely require a “simple text field” field type.
From an information security standpoint, does a simple text field good alternative for phone/website fields if a form’s data isn’t saved in a database?