In starting a new project completely from scratch we need to decide whether to sanitise HTML (that is, convert `&` to `&amp;`, `<` to `&lt;`, and strip out blacklisted HTML) before or after we save to the database. In projects I’d worked on in the past this had been done inconsistently in different areas of the application – i.e. pre-save in some areas and on select in others. After having thought through the problem I think I’ve decided on which option I prefer: sanitise after selecting from the database, rather than before saving to the database.
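The encode-on-output half of that choice, as an added Python example that is not code from the original post: submitted text is stored untouched and HTML-encoded only when rendered, so the same row can also feed an edit form unchanged, whereas the encode-before-save alternative double-encodes on output. The sqlite table and sample comment are constructed for the demo; stripping blacklisted tags is not covered here.

```python
import html
import sqlite3


def make_db():
    # Constructed in-memory table standing in for the project's real comments store.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE comments (id INTEGER PRIMARY KEY, body TEXT NOT NULL)")
    return conn


def save_raw(conn, body):
    # Store the submitted text exactly as received: no encoding at the save layer.
    cur = conn.execute("INSERT INTO comments (body) VALUES (?)", (body,))
    conn.commit()
    return cur.lastrowid


def load_raw(conn, comment_id):
    # What an edit form or a JSON API wants: the original text, unchanged.
    (body,) = conn.execute(
        "SELECT body FROM comments WHERE id = ?", (comment_id,)
    ).fetchone()
    return body


def render_html(conn, comment_id):
    # Encode at the point of output, for the HTML text context:
    # & -> &amp;   < -> &lt;   > -> &gt;   " -> &quot;   ' -> &#x27;
    return html.escape(load_raw(conn, comment_id), quote=True)


def escape_on_save_then_render(conn, body):
    # The alternative the post argues against: encoding before the INSERT means
    # the output layer encodes a second time, and edit forms get '&amp;' back.
    comment_id = save_raw(conn, html.escape(body, quote=True))
    return render_html(conn, comment_id), load_raw(conn, comment_id)


if __name__ == "__main__":
    db = make_db()
    cid = save_raw(db, 'Fish & Chips <b>special</b> "today"')
    print(render_html(db, cid))
    print(load_raw(db, cid))
    print(escape_on_save_then_render(db, "Fish & Chips"))
```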
Archive for April, 2010
Should you sanitise your HTML before or after you save to your database?
Monday, April 19th, 2010

How I organise my project information to save time.
Monday, April 12th, 2010

It shouldn’t be news to anyone, but organising your projects (and assets within those projects) in an efficient manner will save you a load of time. Perhaps not immediately, but at some point in the future you’ll be thanking yourself hundreds of times over that you took the time to organise things in the first place.