Examples of encryption for database access
kee.nethery at elloco.com
Thu Jun 28 15:35:34 EDT 2018
On Jun 28, 2018, at 9:17 AM, William Prothero via use-livecode <use-livecode at lists.runrev.com> wrote:
> Another question I have is the best way to process the input text to eliminate injection type attacks.
I have a series of functions that filter out everything but ...
digitsOnly() <- deletes everything other than 0 through 9
moneyOnly() <- deletes all but 0 through 9, period, minus sign
emailOnly() <- only keeps stuff that has the format of an email
alphaOnly() <- tosses everything outside of a-z and A-Z
noQuoted() <- anything containing a quote is set to empty. For example no username or password should ever contain a quote.
I only use a filtered version of the data provided by a user. I’ll write custom filters if needed. This applies to desktop apps and web apps.
More information about the Use-livecode