Sanitizing forms in vibe.d. How?
Nicholas Wilson via Digitalmars-d-learn
digitalmars-d-learn at puremagic.com
Mon Dec 12 03:32:42 PST 2016
On Monday, 12 December 2016 at 10:25:05 UTC, aberba wrote:
> On Monday, 12 December 2016 at 00:42:54 UTC, Nicholas Wilson
> wrote:
>> On Sunday, 11 December 2016 at 18:30:54 UTC, aberba wrote:
>
>> You can enforce that the string that you receive is an email
>> address with `isEmail` from `std.net.isemail`
>
> Nice.
>
>> What sql library are you using? there is probably a function
>> in that somewhere, that does sanitisation, or use prepared
>> statements.
>
> Will look into that. Currently planning to use mysql-lited (not
> sure which one is more capable though)
All the bindings on code.dlang.org should be equally capable,
however some may be easier to use and/or be DB specific (e.g. the
Postges bindings)
>
> How about alternative to php strip_tags(), strip_slash() ?
for strip_slash look for `replace` and friends in std.array
for strip_tags I would look for an xml library (e.g. arsd.dom)
and parse it and then reprint it without the tags. There's
probably a better way to do it though. I'm sure Adam Ruppe will
be able to help you there.
More information about the Digitalmars-d-learn
mailing list