Ziba Scott wrote:
> So I'm working on a patch which will make it easy to attach a regular
> expression for validation to every contact field so that any
> character in any field which will cause problems gets rejected and
> characters which trip up the current prepare statement but are
> acceptable for use down the line will get escaped and stored.

Invalid characters must not screw anything up on the DB side if you use SQL the right way - if they do, it means your SQL code is wrong and not using prepared statements the right way.

The only reason for input validation is to reject chars that are invalid - i.e. an @ in a first name does not make sense. The goal is not to fix the SQL backend within the frontend code!

Mike

--
Michael Baierl <http://mbaierl.com/blog/>
- - - - - - - - - - - - - - - - -
"Don’t worry about people stealing your ideas. If your ideas are any good, you’ll have to ram them down people’s throats." (Howard Aiken)
_______________________________________________
List info: http://lists.roundcube.net/dev/
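
The separation argued for in the reply above, as an added example that is not part of the original thread and not Roundcube code: per-field validation decides what a value may mean, while bound parameters carry whatever passes to the database unmodified. Python's `sqlite3` stands in for the database layer; the field rules, table layout and sample values are constructed for illustration.

```python
import re
import sqlite3

# Hypothetical per-field rules: they describe what a value may *mean*,
# not which characters the SQL layer can tolerate.
FIELD_RULES = {
    "firstname": re.compile(r"[^\W\d_]+(?:[ '\-][^\W\d_]+)*"),
    "email": re.compile(r"[^@\s]+@[^@\s]+\.[^@\s]+"),
}

def validate(contact):
    """Return the names of fields whose value fails its rule."""
    return [field for field, rule in FIELD_RULES.items()
            if not rule.fullmatch(contact.get(field, ""))]

def open_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE contacts (firstname TEXT, email TEXT)")
    return db

def save_contact(db, contact):
    """Validate, then store through bound parameters; the frontend escapes nothing."""
    bad = validate(contact)
    if bad:
        raise ValueError("invalid fields: " + ", ".join(bad))
    db.execute("INSERT INTO contacts (firstname, email) VALUES (?, ?)",
               (contact["firstname"], contact["email"]))

def stored_rows(db):
    return list(db.execute("SELECT firstname, email FROM contacts ORDER BY rowid"))

def demo():
    db = open_db()
    # Constructed sample: quotes and SQL metacharacters that are legal in the data.
    save_contact(db, {"firstname": "O'Brien", "email": "o'brien\";--@example.com"})
    rejected = None
    try:
        # Constructed sample: '@' is meaningless in a first name, so validation rejects it.
        save_contact(db, {"firstname": "mike@home", "email": "mike@example.com"})
    except ValueError as exc:
        rejected = str(exc)
    return stored_rows(db), rejected

if __name__ == "__main__":
    print(demo())
```
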
