Re: MySQL UPDATE

This WebDNA talk-list message is from

2007


It keeps the original formatting.
numero = 68868
interpreted = N
texte = Clint, As a rule, before writing any user entered data into a database, I cleanse it. Here's an example: [replace db=mydb.db&eqSKUdatarq=[cart]][formvariables name=_&exact=F][getchars start=2][name][/getchars]=[Grep search=[^,-.%@_A-Za-z0-9 ]&replace=][url][value][/url][/Grep]&[/formvariables][/replace] Here's what I use to clean up form variables passed to a page: [formvariables] [text][name]=[Grep search=[^,-.%@_A-Za-z0-9 ]&replace=][value][/Grep][/text] [/formvariables] Notice the line wrap immediately following the 0-9. That is a space. HTH, Marc Clint Davis wrote: > I need to use WebDNA to update a MySQL table. Does anyone have some words of > advice (or code preferably) to "cleanse" the user input before executing the > SQL UPDATE statement? > > > > ------------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > Web Archive of this list is at: http://webdna.smithmicro.com/ > -- ------------------------------------------- Marc Thompson Software Engineer Office of Information Technology University of Utah 801.585.9264 marc.thompson@utah.edu ------------------------------------------- ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: Grep Again (was: MySQL UPDATE) ( Clint Davis 2007)
  2. Grep Again (was: MySQL UPDATE) ( Clint Davis 2007)
  3. Re: MySQL UPDATE ( Marc Thompson 2007)
  4. MySQL UPDATE ( Clint Davis 2007)
Clint, As a rule, before writing any user entered data into a database, I cleanse it. Here's an example: [replace db=mydb.db&eqSKUdatarq=[cart]][formvariables name=_&exact=F][getchars start=2][name][/getchars]=[Grep search=[^,-.%@_A-Za-z0-9 ]&replace=][url][value][/url][/Grep]&[/formvariables][/replace] Here's what I use to clean up form variables passed to a page: [formvariables] [text][name]=[Grep search=[^,-.%@_A-Za-z0-9 ]&replace=][value][/Grep][/text] [/formvariables] Notice the line wrap immediately following the 0-9. That is a space. HTH, Marc Clint Davis wrote: > I need to use WebDNA to update a MySQL table. Does anyone have some words of > advice (or code preferably) to "cleanse" the user input before executing the > SQL UPDATE statement? > > > > ------------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > Web Archive of this list is at: http://webdna.smithmicro.com/ > -- ------------------------------------------- Marc Thompson Software Engineer Office of Information Technology University of Utah 801.585.9264 marc.thompson@utah.edu ------------------------------------------- ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Marc Thompson

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

[quantity] within formulas (1997) Getting it as [raw] (2004) WebCat b15 Mac plug-in (1997) Maybe off topic but how to charge (1997) Trouble with formula.db (1997) Sorting Numbers (1997) Hosting Services (1999) Status? (2000) Opinion: [input] should be called [output] ... (1997) & Problem in Textarea (1999) Password problems with WebCat 4.01 (2000) Physical Proximity searches (2000) Hard Questions ? (1997) [WebDNA] Snow Leoopard and v7 (2011) Search results templates (1996) Deleting associated records from 2 different databases (2001) Constructive criticism (2000) Multiple Replaces? (1997) Robots fill event log (1997) Secure Server (1999)