[GLLUG] Programming Project

Mike msg at msu.edu
Tue May 13 18:28:09 EDT 2008


That would be pretty lame if a sanitize/filter function couldn't handle 
all strings OK, and still let SQL injection happen.  It better cover 
every case/contingency!  (Maybe be safe rather than sorry and reject 
some inputs.)

Another way is to verify an input string against a regex string. 
http://www.regular-expressions.info/email.html

Charles Ulrich wrote:
> 2008/5/12 Steven Sayers <sjsayers93 at gmail.com>:
>> I know I've been told between mostly Marshall and Rick that I need to plan
>> out a project at the very highest level first, then figure out how it works
>> after stating what it does [in non-technical terms]. After an extended
>> period of programmer's block syndrome (P.B.S. for short) I've come up with an
>> idea(r). In driver's training we will be keeping a log, I don't want an
>> application as an alternative for that, since this log must be turned into
>> the State Department, but however I want to write an application for the
>> similar recreational use. I'd like there to be many text-fields for items
>> such as: the date, destination, how it went, interesting things that
>> happened. In the future I'd like to possibly add the ability to add pictures
>> to the specific driving event. Now I'll lightly reach the technical bits,
>> but without covering much at all, trying to avoid the inadvertent mental
>> pride beating I'll get if I'm wrong. It'd have a GUI and functions to write
>> to file, read from file, and render the information in the actual GUI.
> 
> Sounds like a pretty good candidate for a web-based app. Is this a
> project that you're doing on your own or are you looking for GLLUG
> input/help?
> 
> While you definitely want to plan as much as possible for a production
> application, there is also something to be said for developing "toy"
> programs via the trial-and-error method. The end result may not have
> any practical value, but you'll have learned a lot about the language
> and its capabilities and limitations. As a casual programmer, my
> style is somewhere in the middle. For my own personal projects, I get
> a rough idea of what I want to do, throw together a prototype, and
> then flesh it out into a more complete application.
> 
> While we're on the topic of programming, I have a general question for
> any PHP coders out there... how do _you_ deal with input sanitation?
> Is there a class or something that makes this straightforward or do
> you really have to carefully scrutinize every variable and SQL query
> because an automated process can never cover every contingency?
> 
> Charles
> 
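
An added example (not part of the original message or thread) of the regex approach mentioned above: each field of a driving-log form is checked against an anchored allowlist pattern and rejected outright on mismatch. The field names, patterns and sample submissions are assumptions constructed for illustration.

```php
<?php
// Added illustration; field names and patterns are assumptions, not from the thread.
// Allowlist patterns: \A ... \z anchor the whole string. A bare `$` would also
// match just before a trailing "\n", letting "2008-05-13\n" through.
const FIELD_PATTERNS = [
    'date'        => '/\A\d{4}-\d{2}-\d{2}\z/',
    'destination' => '/\A[\p{L}\p{N} .,\'-]{1,80}\z/u',
    'email'       => '/\A[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,}\z/i',
];

/**
 * Returns the names of fields that failed validation (empty array = accepted).
 * Missing fields, non-string values and fields with no pattern are rejected.
 */
function rejectedFields(array $input): array
{
    $rejected = [];
    foreach (FIELD_PATTERNS as $field => $pattern) {
        $value = $input[$field] ?? null;
        // preg_match returns 1 on match, 0 on no match, false on error.
        if (!is_string($value) || preg_match($pattern, $value) !== 1) {
            $rejected[] = $field;
        }
    }
    // Reject by default: anything the allowlist does not know is refused.
    foreach (array_keys($input) as $field) {
        if (!array_key_exists($field, FIELD_PATTERNS)) {
            $rejected[] = $field;
        }
    }
    return $rejected;
}

// Constructed sample submissions.
$samples = [
    ['date' => '2008-05-13', 'destination' => "St. John's, MI", 'email' => 'driver@example.org'],
    ['date' => "2008-05-13\n", 'destination' => 'Lansing', 'email' => 'driver@example.org'],
    ['date' => '2008-05-13', 'destination' => "x'; DROP TABLE log; --", 'email' => 'driver@example.org'],
];

foreach ($samples as $i => $sample) {
    $bad = rejectedFields($sample);
    echo "sample $i: ", $bad ? 'rejected (' . implode(', ', $bad) . ')' : 'accepted', "\n";
}
```

The destination pattern deliberately admits an apostrophe so that ordinary place names pass; a value that passes validation is well-formed, but it still has to be escaped or bound as a parameter when it reaches the SQL query.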

