Hi Folks,
I've got a question. Users that use the web-based databases that I've
recently written (cgi-perl and pgsql) sometimes come up with errors when they
input information. I have realized that I need to write some very rigorous
error-checking routines in order to make sure that whatever they are typing
in makes it into the database, or flags them for re-input, and doesn't result
in an unrecoverable error. What I need to do is two-fold - escape stuff that
is easy (like single quotes), and do testing of types (make sure they are not
putting non-numerics in int fields, etc.)
I'm not a newbie at either perl or pgsql, but I'm definitely not yet a guru.
I've identified quotes in particualr as characters I need to make sure
get taken care of in some way or another before I pass them to a query. Are
there others that folks know about, especially combinations of characters
that lead to wierdness?
Other things I should be thinking about?
Thanks!
Michelle
--
------------
Michelle Murrain, Ph.D.
President
Norwottuck Technology Resources
mpm@norwottuck.com
http://www.norwottuck.com