Live search project

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty margin-bottom:0;







up vote
0
down vote

favorite
1












I have a live search project and I don't know if it's secure enough or not. I don't access it directly, but I get data by JSON so I shouldn't worry about slashes or quotes, right?



The PHP code:



<?php
if (isset($it_server)) 
 class search
 public function gettingvalues($search_value)
 require_once('db_conx.php');
 $dir = "usersimage/";
 $search_value = htmlspecialchars($search_value,ENT_QUOTES,'UTF-8');
 $sql = "SELECT name,img,username FROM users WHERE username like '$search_value%' 
 
else
 header('location: 404');
 die();

?>


I call the function from index.php:



<?php
 $its_server = 'yes';
 if (isset($_POST['data'])) 
 require('search.php');
 $search = new search;
 $search->gettingvalues($_POST['data']);
 header('Content-Type: application/json; charset=utf-8');
 die();
 
?>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
<script type="text/javascript">
 $(document).ready(function()
 $('input').keyup(function()
 var value= $('input').val();
 $.ajax(
 type: "POST",
 url: "",
 data: data: value,
 datatype: "json",
 success: function(json_data) 
 var img = ;
 var username = ;
 var name = ;
 var html = '';
 $.each(json_data, function(index, e) 
 if (e.error) 
 html += `$e.error`;
 else
 html += `$e.name $e.username $e.img<br>`;
 
 )
 $("#feedback").html(html);
 
 )
 );
 );
</script>
<input type="text" name="search" placeholder="looking for?">
<div id="feedback"></div>


I don't know if I'm doing well with security or not and it's a big deal to me. So what you see from 1-10, how secure is my page?




php json ajax




share|improve this question



















  • It makes me wonder where did you get the idea that JSON is any related to SQL. This statement is like "I washed my hands, so I can go cross a road anywhere, no car will hit me because I am protected from germs".
    – Your Common Sense
    Jun 26 at 8:28










  • Getting data by json, through jqeury, still exposes your 'live search' to the outside world, with all the security implications of that.
    – KIKO Software
    Jun 28 at 15:49
















up vote
0
down vote

favorite
1












I have a live search project and I don't know if it's secure enough or not. I don't access it directly, but I get data by JSON so I shouldn't worry about slashes or quotes, right?



The PHP code:



<?php
if (isset($it_server)) 
 class search
 public function gettingvalues($search_value)
 require_once('db_conx.php');
 $dir = "usersimage/";
 $search_value = htmlspecialchars($search_value,ENT_QUOTES,'UTF-8');
 $sql = "SELECT name,img,username FROM users WHERE username like '$search_value%' 
 
else
 header('location: 404');
 die();

?>


I call the function from index.php:



<?php
 $its_server = 'yes';
 if (isset($_POST['data'])) 
 require('search.php');
 $search = new search;
 $search->gettingvalues($_POST['data']);
 header('Content-Type: application/json; charset=utf-8');
 die();
 
?>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
<script type="text/javascript">
 $(document).ready(function()
 $('input').keyup(function()
 var value= $('input').val();
 $.ajax(
 type: "POST",
 url: "",
 data: data: value,
 datatype: "json",
 success: function(json_data) 
 var img = ;
 var username = ;
 var name = ;
 var html = '';
 $.each(json_data, function(index, e) 
 if (e.error) 
 html += `$e.error`;
 else
 html += `$e.name $e.username $e.img<br>`;
 
 )
 $("#feedback").html(html);
 
 )
 );
 );
</script>
<input type="text" name="search" placeholder="looking for?">
<div id="feedback"></div>


I don't know if I'm doing well with security or not and it's a big deal to me. So what you see from 1-10, how secure is my page?




php json ajax




share|improve this question



















  • It makes me wonder where did you get the idea that JSON is any related to SQL. This statement is like "I washed my hands, so I can go cross a road anywhere, no car will hit me because I am protected from germs".
    – Your Common Sense
    Jun 26 at 8:28










  • Getting data by json, through jqeury, still exposes your 'live search' to the outside world, with all the security implications of that.
    – KIKO Software
    Jun 28 at 15:49












up vote
0
down vote

favorite
1









up vote
0
down vote

favorite
1






1





I have a live search project and I don't know if it's secure enough or not. I don't access it directly, but I get data by JSON so I shouldn't worry about slashes or quotes, right?



The PHP code:



<?php
if (isset($it_server)) 
 class search
 public function gettingvalues($search_value)
 require_once('db_conx.php');
 $dir = "usersimage/";
 $search_value = htmlspecialchars($search_value,ENT_QUOTES,'UTF-8');
 $sql = "SELECT name,img,username FROM users WHERE username like '$search_value%' 
 
else
 header('location: 404');
 die();

?>


I call the function from index.php:



<?php
 $its_server = 'yes';
 if (isset($_POST['data'])) 
 require('search.php');
 $search = new search;
 $search->gettingvalues($_POST['data']);
 header('Content-Type: application/json; charset=utf-8');
 die();
 
?>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
<script type="text/javascript">
 $(document).ready(function()
 $('input').keyup(function()
 var value= $('input').val();
 $.ajax(
 type: "POST",
 url: "",
 data: data: value,
 datatype: "json",
 success: function(json_data) 
 var img = ;
 var username = ;
 var name = ;
 var html = '';
 $.each(json_data, function(index, e) 
 if (e.error) 
 html += `$e.error`;
 else
 html += `$e.name $e.username $e.img<br>`;
 
 )
 $("#feedback").html(html);
 
 )
 );
 );
</script>
<input type="text" name="search" placeholder="looking for?">
<div id="feedback"></div>


I don't know if I'm doing well with security or not and it's a big deal to me. So what you see from 1-10, how secure is my page?




php json ajax




share|improve this question











I have a live search project and I don't know if it's secure enough or not. I don't access it directly, but I get data by JSON so I shouldn't worry about slashes or quotes, right?



The PHP code:



<?php
if (isset($it_server)) 
 class search
 public function gettingvalues($search_value)
 require_once('db_conx.php');
 $dir = "usersimage/";
 $search_value = htmlspecialchars($search_value,ENT_QUOTES,'UTF-8');
 $sql = "SELECT name,img,username FROM users WHERE username like '$search_value%' 
 
else
 header('location: 404');
 die();

?>


I call the function from index.php:



<?php
 $its_server = 'yes';
 if (isset($_POST['data'])) 
 require('search.php');
 $search = new search;
 $search->gettingvalues($_POST['data']);
 header('Content-Type: application/json; charset=utf-8');
 die();
 
?>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
<script type="text/javascript">
 $(document).ready(function()
 $('input').keyup(function()
 var value= $('input').val();
 $.ajax(
 type: "POST",
 url: "",
 data: data: value,
 datatype: "json",
 success: function(json_data) 
 var img = ;
 var username = ;
 var name = ;
 var html = '';
 $.each(json_data, function(index, e) 
 if (e.error) 
 html += `$e.error`;
 else
 html += `$e.name $e.username $e.img<br>`;
 
 )
 $("#feedback").html(html);
 
 )
 );
 );
</script>
<input type="text" name="search" placeholder="looking for?">
<div id="feedback"></div>


I don't know if I'm doing well with security or not and it's a big deal to me. So what you see from 1-10, how secure is my page?





php json ajax





share|improve this question










share|improve this question




share|improve this question









asked Jun 26 at 5:47







user172643


















  • It makes me wonder where did you get the idea that JSON is any related to SQL. This statement is like "I washed my hands, so I can go cross a road anywhere, no car will hit me because I am protected from germs".
    – Your Common Sense
    Jun 26 at 8:28










  • Getting data by json, through jqeury, still exposes your 'live search' to the outside world, with all the security implications of that.
    – KIKO Software
    Jun 28 at 15:49
















  • It makes me wonder where did you get the idea that JSON is any related to SQL. This statement is like "I washed my hands, so I can go cross a road anywhere, no car will hit me because I am protected from germs".
    – Your Common Sense
    Jun 26 at 8:28










  • Getting data by json, through jqeury, still exposes your 'live search' to the outside world, with all the security implications of that.
    – KIKO Software
    Jun 28 at 15:49















It makes me wonder where did you get the idea that JSON is any related to SQL. This statement is like "I washed my hands, so I can go cross a road anywhere, no car will hit me because I am protected from germs".
– Your Common Sense
Jun 26 at 8:28




It makes me wonder where did you get the idea that JSON is any related to SQL. This statement is like "I washed my hands, so I can go cross a road anywhere, no car will hit me because I am protected from germs".
– Your Common Sense
Jun 26 at 8:28












Getting data by json, through jqeury, still exposes your 'live search' to the outside world, with all the security implications of that.
– KIKO Software
Jun 28 at 15:49




Getting data by json, through jqeury, still exposes your 'live search' to the outside world, with all the security implications of that.
– KIKO Software
Jun 28 at 15:49










1 Answer
1






active

oldest

votes

















up vote
0
down vote













One quite big security issue I see here is your vulnerability to SQL-Injection attacks. Even when you use htmlspecialchars(), there are still some ways to circumvent it, as shown in Is htmlspecialchars enough to prevent an SQL injection on a variable enclosed in single quotes?.



Basically, you are allowing the user to directly manipulate the SQL-Query, which has to be prevented. For this case, there are Prepared Statements, which - if used correctly - will prevent the user from doing anything nasty with your database. There is an answer to How can I prevent SQL injection in PHP? regarding this topic, so I suggest you read and understand that.



Also, you might have a look at the manual to learn more about prepared statements using either mysqli or PDO.






share|improve this answer























  • To me, this is more a comment than answer, boils down to a single SO link. And a confused one. What does it mean, "Nothing is 100% secure"? Got any evidence of gain access to a database if secured correctly?
    – Your Common Sense
    Jun 26 at 7:12










  • @YourCommonSense The "Not 100%" part is more something obligatory to me, as you can't guarantee 100%, but as far as i know there is no way to bypass the current "correct" way :) I also wasn't sure whether this counts as a full answer, but it seemed to be too much for a comment to me.
    – Tobias F.
    Jun 26 at 7:20










  • I think that Prepared Statements won't do anything for me, because index.php transfer json type data (utf-8). What do you think?
    – user172643
    Jun 26 at 7:42







  • 1




    I think that "Use prepared statements where you can," is a good code review observation and worthy of an answer. It would be better to show what you'd do, as well as linking to those good resources.
    – Toby Speight
    Jun 26 at 8:18






  • 1




    @AhmadSalameh you are supposed to read the links provided in the answer. "Do i need to use prepared statements" is not a question for a code review. It is not about making your code better but about you understanding very basic principles. Which you are supposed to learn for answers on Stack Overflow.
    – Your Common Sense
    Jun 26 at 8:26










Your Answer




StackExchange.ifUsing("editor", function ()
return StackExchange.using("mathjaxEditing", function ()
StackExchange.MarkdownEditor.creationCallbacks.add(function (editor, postfix)
StackExchange.mathjaxEditing.prepareWmdForMathJax(editor, postfix, [["\$", "\$"]]);
);
);
, "mathjax-editing");

StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "196"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: false,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);








 

draft saved


draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcodereview.stackexchange.com%2fquestions%2f197252%2flive-search-project%23new-answer', 'question_page');

);

Post as a guest
















1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes








up vote
0
down vote













One quite big security issue I see here is your vulnerability to SQL-Injection attacks. Even when you use htmlspecialchars(), there are still some ways to circumvent it, as shown in Is htmlspecialchars enough to prevent an SQL injection on a variable enclosed in single quotes?.



Basically, you are allowing the user to directly manipulate the SQL-Query, which has to be prevented. For this case, there are Prepared Statements, which - if used correctly - will prevent the user from doing anything nasty with your database. There is an answer to How can I prevent SQL injection in PHP? regarding this topic, so I suggest you read and understand that.



Also, you might have a look at the manual to learn more about prepared statements using either mysqli or PDO.






share|improve this answer























  • To me, this is more a comment than answer, boils down to a single SO link. And a confused one. What does it mean, "Nothing is 100% secure"? Got any evidence of gain access to a database if secured correctly?
    – Your Common Sense
    Jun 26 at 7:12










  • @YourCommonSense The "Not 100%" part is more something obligatory to me, as you can't guarantee 100%, but as far as i know there is no way to bypass the current "correct" way :) I also wasn't sure whether this counts as a full answer, but it seemed to be too much for a comment to me.
    – Tobias F.
    Jun 26 at 7:20










  • I think that Prepared Statements won't do anything for me, because index.php transfer json type data (utf-8). What do you think?
    – user172643
    Jun 26 at 7:42







  • 1




    I think that "Use prepared statements where you can," is a good code review observation and worthy of an answer. It would be better to show what you'd do, as well as linking to those good resources.
    – Toby Speight
    Jun 26 at 8:18






  • 1




    @AhmadSalameh you are supposed to read the links provided in the answer. "Do i need to use prepared statements" is not a question for a code review. It is not about making your code better but about you understanding very basic principles. Which you are supposed to learn for answers on Stack Overflow.
    – Your Common Sense
    Jun 26 at 8:26














up vote
0
down vote













One quite big security issue I see here is your vulnerability to SQL-Injection attacks. Even when you use htmlspecialchars(), there are still some ways to circumvent it, as shown in Is htmlspecialchars enough to prevent an SQL injection on a variable enclosed in single quotes?.



Basically, you are allowing the user to directly manipulate the SQL-Query, which has to be prevented. For this case, there are Prepared Statements, which - if used correctly - will prevent the user from doing anything nasty with your database. There is an answer to How can I prevent SQL injection in PHP? regarding this topic, so I suggest you read and understand that.



Also, you might have a look at the manual to learn more about prepared statements using either mysqli or PDO.






share|improve this answer























  • To me, this is more a comment than answer, boils down to a single SO link. And a confused one. What does it mean, "Nothing is 100% secure"? Got any evidence of gain access to a database if secured correctly?
    – Your Common Sense
    Jun 26 at 7:12










  • @YourCommonSense The "Not 100%" part is more something obligatory to me, as you can't guarantee 100%, but as far as i know there is no way to bypass the current "correct" way :) I also wasn't sure whether this counts as a full answer, but it seemed to be too much for a comment to me.
    – Tobias F.
    Jun 26 at 7:20










  • I think that Prepared Statements won't do anything for me, because index.php transfer json type data (utf-8). What do you think?
    – user172643
    Jun 26 at 7:42







  • 1




    I think that "Use prepared statements where you can," is a good code review observation and worthy of an answer. It would be better to show what you'd do, as well as linking to those good resources.
    – Toby Speight
    Jun 26 at 8:18






  • 1




    @AhmadSalameh you are supposed to read the links provided in the answer. "Do i need to use prepared statements" is not a question for a code review. It is not about making your code better but about you understanding very basic principles. Which you are supposed to learn for answers on Stack Overflow.
    – Your Common Sense
    Jun 26 at 8:26












up vote
0
down vote










up vote
0
down vote









One quite big security issue I see here is your vulnerability to SQL-Injection attacks. Even when you use htmlspecialchars(), there are still some ways to circumvent it, as shown in Is htmlspecialchars enough to prevent an SQL injection on a variable enclosed in single quotes?.



Basically, you are allowing the user to directly manipulate the SQL-Query, which has to be prevented. For this case, there are Prepared Statements, which - if used correctly - will prevent the user from doing anything nasty with your database. There is an answer to How can I prevent SQL injection in PHP? regarding this topic, so I suggest you read and understand that.



Also, you might have a look at the manual to learn more about prepared statements using either mysqli or PDO.






share|improve this answer















One quite big security issue I see here is your vulnerability to SQL-Injection attacks. Even when you use htmlspecialchars(), there are still some ways to circumvent it, as shown in Is htmlspecialchars enough to prevent an SQL injection on a variable enclosed in single quotes?.



Basically, you are allowing the user to directly manipulate the SQL-Query, which has to be prevented. For this case, there are Prepared Statements, which - if used correctly - will prevent the user from doing anything nasty with your database. There is an answer to How can I prevent SQL injection in PHP? regarding this topic, so I suggest you read and understand that.



Also, you might have a look at the manual to learn more about prepared statements using either mysqli or PDO.







share|improve this answer















share|improve this answer



share|improve this answer








edited Jun 26 at 8:21









Toby Speight

17.2k13487




17.2k13487











answered Jun 26 at 7:07









Tobias F.

1093




1093











  • To me, this is more a comment than answer, boils down to a single SO link. And a confused one. What does it mean, "Nothing is 100% secure"? Got any evidence of gain access to a database if secured correctly?
    – Your Common Sense
    Jun 26 at 7:12










  • @YourCommonSense The "Not 100%" part is more something obligatory to me, as you can't guarantee 100%, but as far as i know there is no way to bypass the current "correct" way :) I also wasn't sure whether this counts as a full answer, but it seemed to be too much for a comment to me.
    – Tobias F.
    Jun 26 at 7:20










  • I think that Prepared Statements won't do anything for me, because index.php transfer json type data (utf-8). What do you think?
    – user172643
    Jun 26 at 7:42







  • 1




    I think that "Use prepared statements where you can," is a good code review observation and worthy of an answer. It would be better to show what you'd do, as well as linking to those good resources.
    – Toby Speight
    Jun 26 at 8:18






  • 1




    @AhmadSalameh you are supposed to read the links provided in the answer. "Do i need to use prepared statements" is not a question for a code review. It is not about making your code better but about you understanding very basic principles. Which you are supposed to learn for answers on Stack Overflow.
    – Your Common Sense
    Jun 26 at 8:26
















  • To me, this is more a comment than answer, boils down to a single SO link. And a confused one. What does it mean, "Nothing is 100% secure"? Got any evidence of gain access to a database if secured correctly?
    – Your Common Sense
    Jun 26 at 7:12










  • @YourCommonSense The "Not 100%" part is more something obligatory to me, as you can't guarantee 100%, but as far as i know there is no way to bypass the current "correct" way :) I also wasn't sure whether this counts as a full answer, but it seemed to be too much for a comment to me.
    – Tobias F.
    Jun 26 at 7:20










  • I think that Prepared Statements won't do anything for me, because index.php transfer json type data (utf-8). What do you think?
    – user172643
    Jun 26 at 7:42







  • 1




    I think that "Use prepared statements where you can," is a good code review observation and worthy of an answer. It would be better to show what you'd do, as well as linking to those good resources.
    – Toby Speight
    Jun 26 at 8:18






  • 1




    @AhmadSalameh you are supposed to read the links provided in the answer. "Do i need to use prepared statements" is not a question for a code review. It is not about making your code better but about you understanding very basic principles. Which you are supposed to learn for answers on Stack Overflow.
    – Your Common Sense
    Jun 26 at 8:26















To me, this is more a comment than answer, boils down to a single SO link. And a confused one. What does it mean, "Nothing is 100% secure"? Got any evidence of gain access to a database if secured correctly?
– Your Common Sense
Jun 26 at 7:12




To me, this is more a comment than answer, boils down to a single SO link. And a confused one. What does it mean, "Nothing is 100% secure"? Got any evidence of gain access to a database if secured correctly?
– Your Common Sense
Jun 26 at 7:12












@YourCommonSense The "Not 100%" part is more something obligatory to me, as you can't guarantee 100%, but as far as i know there is no way to bypass the current "correct" way :) I also wasn't sure whether this counts as a full answer, but it seemed to be too much for a comment to me.
– Tobias F.
Jun 26 at 7:20




@YourCommonSense The "Not 100%" part is more something obligatory to me, as you can't guarantee 100%, but as far as i know there is no way to bypass the current "correct" way :) I also wasn't sure whether this counts as a full answer, but it seemed to be too much for a comment to me.
– Tobias F.
Jun 26 at 7:20












I think that Prepared Statements won't do anything for me, because index.php transfer json type data (utf-8). What do you think?
– user172643
Jun 26 at 7:42





I think that Prepared Statements won't do anything for me, because index.php transfer json type data (utf-8). What do you think?
– user172643
Jun 26 at 7:42





1




1




I think that "Use prepared statements where you can," is a good code review observation and worthy of an answer. It would be better to show what you'd do, as well as linking to those good resources.
– Toby Speight
Jun 26 at 8:18




I think that "Use prepared statements where you can," is a good code review observation and worthy of an answer. It would be better to show what you'd do, as well as linking to those good resources.
– Toby Speight
Jun 26 at 8:18




1




1




@AhmadSalameh you are supposed to read the links provided in the answer. "Do i need to use prepared statements" is not a question for a code review. It is not about making your code better but about you understanding very basic principles. Which you are supposed to learn for answers on Stack Overflow.
– Your Common Sense
Jun 26 at 8:26




@AhmadSalameh you are supposed to read the links provided in the answer. "Do i need to use prepared statements" is not a question for a code review. It is not about making your code better but about you understanding very basic principles. Which you are supposed to learn for answers on Stack Overflow.
– Your Common Sense
Jun 26 at 8:26












 

draft saved


draft discarded


























 


draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcodereview.stackexchange.com%2fquestions%2f197252%2flive-search-project%23new-answer', 'question_page');

);

Post as a guest
































































-

Popular posts from this blog

Chat program with C++ and SFML

Image
Clash Royale CLAN TAG #URR8PPP .everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty margin-bottom:0; up vote 2 down vote favorite This is my client code: (My server is very similar at the moment but I will upload it below this one just in case somebody wants to run it) #include <SFML/Graphics.hpp> #include <SFML/Network.hpp> #include <thread> int main() sf::RenderWindow main_win(sf::VideoMode(800, 800), "Chatcy!"); main_win.setPosition(sf::Vector2i(sf::VideoMode::getDesktopMode().width/2 -400, sf::VideoMode::getDesktopMode().height/2 -400)); main_win.setVerticalSyncEnabled(true); //chatcy logo sf::Texture chatcy; chatcy.loadFromFile("image_chatcy.png"); sf::Sprite logo; logo.setTexture(chatcy); //200x800 //font sf::Font font; font.loadFromFile("FreeSerif.ttf"); //name sf::String name("Client"); name += ": "; //text input area and background sf::RectangleShape in_backg...
Read more

Function to Return a JSON Like Objects Using VBA Collections and Arrays

Image
Clash Royale CLAN TAG #URR8PPP .everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty margin-bottom:0; up vote 1 down vote favorite My goal is to create a compact function that can create a JSON Like object from JSON string. I want a function with a small footprint that I or anyone who wants to use it, can simply paste into a module and use. At 61 lines of code, I am happy with its size and portability. Here is an image of JSON Object created from string data using a ScriptControl . Although the Locals Window displays the properties and values correctly, the object itself is extremely difficult to work with. This image shows an object created using getJSONCollection . Because it is made of VBA Collections and Arrays, it is very easy to work with. Option Explicit Private Function getJSONCollection(ByVal Value As Variant, Optional ScriptEngine As Object) As Variant Const DELIMITER As String = "||" Dim col As Collection, JSON As Object, KeyNam...
Read more

Will my employers contract hold up in court?

Image
Clash Royale CLAN TAG #URR8PPP up vote 8 down vote favorite 2 When I started a new job back in July of 2017, I signed a contract that had the following bindings or restrictions if I was ever to leave the company: Cannot work for a competitor within 25 miles of current companies location for the next two years Cannot offer my services to any organization within 25 miles of current companies location for the next two years Now, when mentioned “my services” this can be related to my profession of website design. This contract seems incredibly binding, 2 years in length, and I’m looking to see if it would actually hold up in an Arizona court. contract employment non-compete arizona share | improve this question edited Aug 7 at 15:35 feetwet ♦ 13.8k 9 37 85 asked Aug 6 at 19:05 Alex S. 46 2 What does your comp...
Read more