Input Validation Sandbox

Format: Try various malicious inputs in every input field of your application.

Test input checklist:

Text fields:
- Empty string
- Very long string (10,000 characters)
- HTML tags: <b>bold</b>
- Script: <script>alert('xss')</script>
- SQL injection: ' OR 1=1 --
- Unicode/emoji: 💀🔥 ñ ü ö
- Newlines and tabs
- Whitespace only

Number fields:
- Negative numbers
- 0
- Decimals (3.14159...)
- Very large numbers (99999999999)
- Letters (abc)

Email fields:
- String without @
- String with multiple @
- Very long domain name

Record the result of each input: Was it correctly rejected? Did it show a friendly error message? Or did the system crash?