RE: [PHP] Re: question regarding form filtering





-----Original Message-----
From: Richard Lynch [mailto:ceo@xxxxxxxxx]
Sent: Wednesday, March 14, 2007 23:45
To: Tim
Cc: 'Haydar Tuna'; php-general@xxxxxxxxxxxxx
Subject: RE: [PHP] Re: question regarding form filtering

On Wed, March 14, 2007 9:07 am, Tim wrote:
You almost for sure do *NOT* want to attempt to send the entire
Webster's 2nd Edition dictionary to the browser as JS data so that
the JS can check. :-)

Hehe, ohhhhh? Really? ;-)

I suppose you could do a Web 2.0 Ajax-y thingie for that...

Not a fan of forcing users to download/use active-x controls..
(accessibility, usability etc..)

No, I meant using an XmlHttpRequest to compare their password
as they type it in the form with the webster's dictionary up
on your server.

Dunno if it would be fast enough to do it per keystroke, but
perhaps upon leaving the password field.

Ok more reading to do then..


For anything that really matters, your sanitation probably ought to
be custom-tailored rather than off-the-rack anyway...

Glad we share this opinion..

Plus, the easy ones are easy, and the framework probably won't handle
the hard ones, so what's the point of the clutter of the framework?

So I personally wouldn't even go down this road.

Erm gonna have to explain to me what you mean... (easy ones are easy..
Etc.)

What I mean is that trying to write Framework for your
sanitization routines will lock you into that Framework.

So while PCRE is *great* for most sanitization routines, it's
not the Right Answer for all of them.

But if your framework only does PCRE, you've given up on
custom sanitization for an off-the-rack answer, and are using
a hammer on a screw sooner or later.

The easy ones, like username or email are a one-liner anyway,
or a few lines of code at most.

The really complex ones like password, probably won't fit
into any generic Framework you can build.

I think it's better to hand-craft this code on each, rather
than trying to generalize it.

Ok, I see what you are saying.

I have left my class open to new features, it's pretty flexible, so I can
integrate these features in the near future (or maybe write a validation
class that extends the form class for when I need these "special"
validations). This opens up possibilities for both generic/hand-crafted
validation. So far I have no "public" user system (nor the need) so
verifying "public" passwords is not on the work list yet.. I WILL keep that
in mind and will experiment with different systems that enable "specific"
validation for certain types of input..

For the time being I am just either using forms to retrieve data from a
database (all standard word chars) or putting information into the database
from an admin console (again all standard word chars) so PCRE does the job
just fine and saves me from coding twice, PHP then JavaScript.

If I had more time and fewer due-dates I would do it, maybe I'll think about
it while on vacation? hehe

Thanks again

Regards,

Tim
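
The split discussed in this thread, as an added example that is not part of either poster's message or code: an "easy" field handled by a PCRE allow-list one-liner, and a hand-crafted server-side password check of the kind an XMLHttpRequest endpoint could call. The function names, the length threshold and the tiny word list are hypothetical and constructed for illustration.

```php
<?php
// Added illustration; names, thresholds and the word list are hypothetical.

// "Easy" field: a PCRE allow-list one-liner. \A and \z anchor the whole
// string; with ^...$ a value ending in "\n" would still match.
function valid_username(string $name): bool
{
    return preg_match('/\A\w{3,32}\z/', $name) === 1;
}

// "Hard" field: hand-crafted password check. Returns a list of problems,
// empty when the password is acceptable. $dictionary maps lowercase
// words to true so each lookup is a hash probe, not a scan of the list.
function password_problems(string $password, array $dictionary, string $username): array
{
    $problems = [];
    if (strlen($password) < 10) {
        $problems[] = 'too short';
    }
    $lower = strtolower($password);
    if ($username !== '' && strpos($lower, strtolower($username)) !== false) {
        $problems[] = 'contains username';
    }
    // Strip leading/trailing digits and punctuation so a word with a
    // number or symbol tacked on is still compared against the list.
    $core = preg_replace('/\A[^a-z]+|[^a-z]+\z/', '', $lower);
    if (isset($dictionary[$lower]) || isset($dictionary[$core])) {
        $problems[] = 'dictionary word';
    }
    return $problems;
}

// Constructed sample data; a real word list would be loaded from a file
// kept on the server and never sent to the browser.
$dictionary = array_fill_keys(['monkey', 'password', 'dragon', 'sunshine'], true);

var_dump(valid_username('tim_2007'));
var_dump(valid_username("tim\n"));
print_r(password_problems('Sunshine2007!', $dictionary, 'tim'));
print_r(password_problems('vex-Quartz-lamp-41', $dictionary, 'tim'));
```

The same `password_problems()` call has to run again when the form is finally submitted, since a check triggered from the browser can be skipped by the client.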