Are there browsers that don't support maxlength?

Question

I have a contest entry page on my company\'s website. In order to enter the contest, you create a login, which is just an email and a 4-digit pin. Here\'s the PIN field:

Answer 1

In general, trying to enforce rules for user input done client-side is a bad idea. I had an experience where we had contracted out some work to some programmers and their idea of sanitizing user input was making it so that users couldn't input more than 10 characters in any given field. A quick firebug change and, oh look, I can drop the server's database with some minimal SQL injection.

If I were you I'd check maximum lengths with whatever script adds user information to your database and return form validation errors if the user input exceeds the maximum specified length.