On Jun 28, 2018, at 9:17 AM, William Prothero via use-livecode 
<use-livecode@lists.runrev.com> wrote:

> Another question I have is the best way to process the input text to 
> eliminate injection type attacks.

I have a series of functions that filter out everything but ...

digitsOnly() <- deletes everything other than 0 through 9

moneyOnly() <- deletes all but 0 through 9, period, minus sign

emailOnly() <- only keeps stuff that has the format of an email

alphaOnly() <- tosses everything outside of a-z and A-Z

noQuoted() <- anything containing a quote is set to empty. For example no 
username or password should ever contain a quote.

I only use a filtered version of the data provided by a user. I’ll write custom 
filters if needed. This applies to desktop apps and web apps. 
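
The filters listed in the post above could be written as below. This is an added example, not code from the original post or its author. Only the handler names come from the post. The regular expressions, the reading of "a quote" as either quote character, and the isMoney and demoFilters handlers are assumptions.

```livecode
-- Added example: handler names come from the post, bodies are assumptions.

-- Strip-style filters: delete every character outside the allow-list.
function digitsOnly pText
   return replaceText(pText, "[^0-9]", empty)
end digitsOnly

function moneyOnly pText
   -- keeps 0-9, period and minus sign; the result can still be malformed
   return replaceText(pText, "[^0-9.-]", empty)
end moneyOnly

function alphaOnly pText
   return replaceText(pText, "[^a-zA-Z]", empty)
end alphaOnly

-- Reject-style filters: return the value unchanged, or empty.
function noQuoted pText
   -- assumption: "a quote" covers both the double and the single quote
   if pText contains quote or pText contains "'" then return empty
   return pText
end noQuoted

function emailOnly pText
   -- assumption: a deliberately narrow address pattern, not full RFC 5322
   if matchText(pText, "^[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+$") then return pText
   return empty
end emailOnly

-- Hypothetical helper: shape check on the output of moneyOnly().
function isMoney pText
   return matchText(pText, "^-?[0-9]+(\.[0-9]{1,2})?$")
end isMoney

-- Constructed inputs; writes one result per line to the message box.
on demoFilters
   local tOut
   put digitsOnly("555-0100 x12") & return into tOut
   put moneyOnly("$1,234.50") & return after tOut
   put isMoney(moneyOnly("1-2..3")) & return after tOut
   put alphaOnly("Rob3rt_O'Neil") & return after tOut
   put noQuoted("pass'word") & return after tOut
   put emailOnly("user@example.com") & return after tOut
   put tOut
end demoFilters
```

The strip-style handlers silently change what the user typed, while the reject-style handlers leave the caller to treat an empty result as invalid input.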



