[thelist] MYSQL column type properties

Anthony Baratta Anthony at Baratta.com
Wed Sep 24 14:40:37 CDT 2003


At 12:05 PM 9/24/2003, Elly wrote:
>For the purpose where records are always entered through an html form, 
>besides the primary key, is there a reason to specify NOT NULL if required 
>fields are specified in the form?
>
>Also, why specify maximum characters if this will also be controlled by 
>the form?
>
>In other words, if a form requires a field, and has a maxlength, is there 
>a reason to specify NOT NULL and maximum characters () when creating the table?

Data integrity.

You should never rely on the Browser to validate your date for you. You 
should ALWAYS validate your form data with a server side script. This 
includes checking data for existing and being "well formed" (proper length, 
character type, and/or format) as well as escaping/munging your form data 
to ensure that someone can't put nasty SQL statements into your form data 
and harvest or destroy your DB tables.

---
Anthony Baratta
President
Keyboard Jockeys

"Conformity is the refuge of the unimaginative."



More information about the thelist mailing list