#NULL! (lemmy.world)
[-] Valmond@lemmy.dbzer0.com 4 points 2 days ago

Well then someone with a Tagalog name gets caught in your filter...

I mean if it's "perfect" then yes, it'll work, but in production...

Also, you sometimes want to be able to store "1); Drop table abc;" in your database, I mean how do you otherwise store this comment right here? Sanitizing.

[-] anton@lemmy.blahaj.zone 4 points 2 days ago

I agree with everything in your comment except the last word. Only sanitize in cases where there isn't a better option like html or terminal escape sequences. SQL had prepared statements, which are better.

[-] deadbeef79000@lemmy.nz 2 points 2 days ago* (last edited 1 day ago)

That's conforming (to whatever criteria). Send me a UTF-16 string of at most 100 code points. Send me a 7-bit ASCII string of only A-Z0-9. Reject anything that doesn't conform.

Sanitizing is trying to clean an input. That's "lemme just double escape some special characters" or stripping/replacing/encoding characters or truncating strings, coercing types. Don't do this, your sanitization code will have bugs or edge cases.
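Added example, not part of any comment in this thread: the string quoted above stored verbatim through a bound parameter, next to the string-spliced query it would break, with a conformance check that rejects rather than rewrites. It assumes SQLite through Python's `sqlite3`; the table layout and all function names are illustrative.

```python
import sqlite3

COMMENT = "1); Drop table abc;"  # the string quoted in the thread


def new_db() -> sqlite3.Connection:
    # Assumed schema for the example: one text column in a table named abc.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE abc (id INTEGER PRIMARY KEY, body TEXT NOT NULL)")
    return db


def table_exists(db: sqlite3.Connection) -> bool:
    row = db.execute(
        "SELECT 1 FROM sqlite_master WHERE type = 'table' AND name = 'abc'"
    ).fetchone()
    return row is not None


def conforms(body: str, max_code_points: int = 100) -> bool:
    # Conformance check: accept or reject, never rewrite the value.
    # len() on a Python str counts code points.
    return isinstance(body, str) and 0 < len(body) <= max_code_points


def store_unsafe(db: sqlite3.Connection, body: str) -> None:
    # Vulnerable 'before': the value is spliced into the SQL text.
    try:
        db.executescript(f"INSERT INTO abc (body) VALUES ({body});")
    except sqlite3.Error:
        pass  # the leftover ')' fails to parse, after the DROP already ran


def store(db: sqlite3.Connection, body: str) -> int:
    if not conforms(body):
        raise ValueError("input does not conform")
    # Prepared statement: the value travels as a bound parameter, not as SQL.
    cur = db.execute("INSERT INTO abc (body) VALUES (?)", (body,))
    db.commit()
    return cur.lastrowid


def load(db: sqlite3.Connection, row_id: int) -> str:
    return db.execute("SELECT body FROM abc WHERE id = ?", (row_id,)).fetchone()[0]


if __name__ == "__main__":
    db = new_db()
    print(repr(load(db, store(db, COMMENT))), table_exists(db))
```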

this post was submitted on 25 May 2026
1330 points (99.2% liked)
