20-02-2004, 00:54
deltacoder1020
Computer Guy
AKA: Dav
#1020 (The Indiana Prank Monkeys)
Team Role: Programmer
 
Join Date: Jan 2004
Location: Muncie, Indiana
Posts: 340
Re: database programming

One of my current projects (non-FIRST, so it's sorta on hold) is designing an e-commerce site for shareware/independent commercial software, and you wouldn't believe how much validation form submissions go through. Suffice to say that just about any input is limited to only the exact characters you would need for a response to that. For instance, an email field is only allowed the characters "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ@-_.0123456789", because those are the only characters one would need for an email address.

But the one thing you never want to let people do is submit HTML tags in any form that is going to be displayed back to the user.
__________________
Team 1020, the Indiana Prank Monkeys (www.team1020.org)
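
The two points in the post above, as an added example (not part of the original post, and not the poster's site code): a per-field character allowlist using the email character set quoted in the post, and HTML-encoding of submitted values before they are displayed back. The function names, the 254-character length limit and the extra shape check are assumptions made for this example.

```python
import html
import string

# Character set quoted in the post for an email field.
EMAIL_ALLOWED = frozenset(string.ascii_letters + string.digits + "@-_.")


def rejected_chars(value, allowed=EMAIL_ALLOWED):
    """Return the sorted characters of value that fall outside the allowlist."""
    return sorted(set(value) - allowed)


def validate_email(value, max_len=254):
    """Allowlist check from the post plus a minimal shape check.

    The shape check and max_len are assumptions added here: the character
    set on its own would also accept strings such as '@@..'.
    """
    if not value or len(value) > max_len:
        return False
    if rejected_chars(value):
        return False
    local, sep, domain = value.partition("@")
    if not sep or not local or "@" in domain:
        return False
    labels = domain.split(".")
    return len(labels) >= 2 and all(labels)


def render_field(label, value):
    """Encode a submitted value before displaying it back, so any tags in it
    reach the browser as text rather than as markup."""
    return "<p>{}: {}</p>".format(html.escape(label), html.escape(value))


if __name__ == "__main__":
    # Constructed sample submissions.
    for sample in ["dav@example.org", "<b>x</b>@example.org", "dav@@example..org"]:
        print(repr(sample), validate_email(sample), rejected_chars(sample))
    print(render_field("Name", "<i>Dav</i>"))
```

With this character set an address containing `+` is rejected, so the allowlist for each field has to be chosen against the values the site actually needs to accept.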