Export to CSV - proper format
Fairlight
fairlite at fairlite.com
Thu Oct 21 14:24:36 PDT 2010
When asked his whereabouts on Thu, Oct 21, 2010 at 10:39:25AM -0700,
Bill Campbell took the fifth, drank it, and then slurred:
> Since the TAB character is used in pretty much any data entry
> screen to move from a field to some other field, it cannot be
> entered as data thus is the safest to use for the field delimiter.
I've seen people say ^A (\001) is a good candidate, but will fP allow or
choke on ^V^A entry? :) I've never had occasion to try.
> Robust systems never make any assumptions about data entry being
> done correctly or even logically (not to mention maliciously).
> Improper (no) checking leads to SQL injection attacks, many PHP
> exploits, etc. which are left open by ``programmers'' who use
> these very simple languages without understanding these issues.
What Bill said x100. This is the reason the Web Applications of SANS @RISK
is usually so damned long, and why PHP and PHP-based applications account
for 95%+ of the entries on a regular basis. That, and it's "designed" like
hell. But a good programmer can work around poor design. Too many former
AOL users must be "coding" in PHP, methinks.
mark->
--
Audio panton, cogito singularis.
More information about the Filepro-list
mailing list