Jim Giner <jim.giner@xxxxxxxxxxxxxxxxxx> wrote: >On 7/5/2013 3:02 PM, Stephen wrote: >> On 13-07-05 02:50 PM, Jim Giner wrote: >>> >>> Now the question is - how the heck did I put that in there? >Certainly >>> not intentionally. The data is captured from a d/e screen I wrote >and >>> it simply grabs the post value and inserts a new record with that >>> value along with some other values. And I don't see anything >>> concatenating a LF to my string. >>> >> Is this a browser being used for input? Never assume what a browser >will >> do. >> >> It is good practice to validate and condition data before inserting >into >> a database. >> >> Consider trimming the data before doing the INSERT. >> >I do validate my data by quoting it but I never expected to have to do >a >trim to remove a LF. Especially on an iphone for input, since it's not > >easy to enter a LF. Quoting the data is not the same thing as validating it. Thanks, Ash -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
