I have a text area for user to input something, and I will pass the text as a parameter to server, is there any way / api to ensure the user's text must be valid, even they are not valid, should be treat it as a normal string? (Escaping API?) Thank you.
views:
37answers:
1
+2
A:
You should be handling this on the server end, rather than assuming that all your input will come from your trusted iPhone app.
There are many packages that wrap database access and automatically handle string quoting and the like. ORM is a mature technology with many other benefits. Use it. Don't hand write INSERTs and UPDATEs and you will be fine.
Seamus Campbell
2010-08-21 02:05:18
at least I need to protect the SQLite, right?
Tattat
2010-08-22 03:04:07