| Title |
Test
Find
Alphanumeric w spaces and double quotes
|
| Expression |
^["a-zA-Z0-9\040]+$ |
| Description |
Accepts words or quoted phrases for search strings. Stops SQL injection. |
| Matches |
2 words "Search String" |
| Non-Matches |
hi' or 1=1-- |
| Author |
Rating:
Not yet rated.
Jeffrey Roughgarden
|
| Source |
|
| Your Rating |
|
Title: How do you spell "O'Hara"?
Name: Keith Stacy
Date: 7/18/2008 12:48:25 PM
Comment:
The only problem with a whitelist approach like this is that certain names (usually Irish) are punctuated with an apostrophe, or single quote, like "O'Hara". This name would get kicked out by a whitelist approach like this. If it can be refined to permit its use thus as opposed to the use of the single quote as a string delimiter, then that would help.
Title: How do you spell "O'Hara"?
Name: Keith Stacy
Date: 7/18/2008 12:47:02 PM
Comment:
The only problem with a whitelist approach like this is that certain names (usually Irish) are punctuated with an apostrophe, or single quote, like "O'Hara". This name would get kicked out by a whitelist approach like this. If it can be refined to permit its use thus as opposed to the use of the single quote as a string delimiter, then that would help.
