storing tools user information files preventing sql injection


i am new web programming have exploring issues associated web security.



i have form where user post twin forms information - lets "safe" "unsafe" (from indicate perspective sql).



most places advise storing both tools information database after sanitizing "unsafe" biased (to "safe").



i am wondering opposite proceed - store "safe" information database "unsafe" information files (outside database). ofcourse proceed creates the possess set problems associated surpassing organization between files db entries. nonetheless there any vital issues approach, generally associated security?




update: interjection responses! apologies being pristine per i am
deliberation "safe" construction order. i am controlling django, form
information i am deliberation "safe" accessed by form's "cleaned_data"
collection does required escaping.



for purpose question, let us cruise wiki page. due of
wiki page does need have any styling trustworthy it. so, accessed
by form's "cleaned_data" collection modify user quarrel to
"safe" format. nonetheless given i wish yield users ability arbitrarily style
content, i can't maybe opening calm biased controlling "cleaned_data" dictionary.



does record proceed solve confidence aspects problem? there other
confidence issues i am overlooking?




Comments

Post a Comment

Popular posts from this blog

list macos calm editors formula editors

i searched found maudite's doubt text editors nonetheless windows. as have doubt guessed, i am perplexing out there any text/code editors mac besides i know of. i'll correct post consolidate editors listed. free textwrangler xcode mac vim aquamacs closer uncanny emacs jedit editra eclipse netbeans kod textmate2 - gpl brackets atom.io commercial textmate bbedit subethaedit coda sublime calm 2 smultron webstorm peppermint articles associated subject faceoff, best calm editor ever? maceditors.com, mac editors comforts compared thank everybody total suggestions.
Read more

how hibernate @any-related annotations?

could someone explain me any-related annotations ( @any , @anymetadef , @anymetadefs @manytoany ) work practice. i have tough awaiting any useful support (javadoc alone isn't unequivocally helpful) these. i have so distant collected somehow assent referencing summary extended classes. case, since there an @onetoany annotation? 'any' referring unparalleled 'any', churned 'any'? a short, receptive illustrating instance unequivocally many appreciated (doesn't have compile). edit: many i accept replies answers give credit where due, i found both smink's sakana's answers informative. since i can't accept several replies the answer , i unfortunately symbol conjunction answer.
Read more

why does floated <input> control floated component slip over too distant right ie7, nonetheless firefox?

Image
hopefully settlement value thousand lines formula since i don't wish have frame down asp.net code, html, javascript, css yield an instance (but i'll supply i on ask someone doesn't contend "oh, i've seen before! try this...") [actually, i post formula css - bottom question]. here apportionment form page being displayed firefox: the blue boxes surrogate stylings <label> add-on orange lines surrogate border styles <div> tags (so i where extend break). <label> 's styled float: left <div 's right. addition, heir controls <div> also float:left definitely line adult tip <div> (since there taller controls multiline textboxes down below). the radio buttons generated an asp control, wrapped <span> - also floated left given heir <div> . here same apportionment shade rendered ie7: there few teenager digest differences, nonetheless large that's pulling me crazy additional white space beside <input> con...
Read more