#1
  1. web.graphic.print
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2013
    Location
    Lancaster, CA USA
    Posts
    118
    Rep Power
    114

    Escaping correctly


    I was having a hard time googling this one. I'm sending data from JavaScript to PHP via POST via FormData. As I understand it FormData escapes special characters all by itself so my data will get to PHP correctly. Is this correct? Is there anything else I need to watch out for as far as escaping characters?
    Fire Minded
    Brent Bevans
    661.974.6771
    43654 Colony dr., Lancaster, CA 93536
    fire.minded.design@gmail.com
    http://www.fireminded.com
  2. #2
  3. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,915
    Rep Power
    1045
    Hi,

    don't use low-level JavaScript. There are many excellent JavaScript frameworks out there (jQuery, Prototype, ...), so there's absolutely no reason for fumbling with low-level stuff like encodings -- which always comes with the risk of messing it up, creating browser incompatibilities etc.

    For the sake of completeness: Yes, the FormData interface does take care of the correct encoding. However, many browsers don't support this interface at all (like all IE versions up to 9). So many people won't be able to use your website, which is probably not what you want.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers? There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  4. #3
  5. web.graphic.print
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2013
    Location
    Lancaster, CA USA
    Posts
    118
    Rep Power
    114
    You know I do enjoy coding raw JS but I have been wondering about JS frameworks. I've played with prototype/scriptaculous a little bit, not really with Node or JQuery (though I've heard/read about them). What do you suggest as a framework?
    Fire Minded
    Brent Bevans
    661.974.6771
    43654 Colony dr., Lancaster, CA 93536
    fire.minded.design@gmail.com
    http://www.fireminded.com
  6. #4
  7. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,915
    Rep Power
    1045
    Originally Posted by fireminded
    You know I do enjoy coding raw JS [...]
    Wait until you have to write a big application for a wide range of different browsers.



    Originally Posted by fireminded
    What do you suggest as a framework?
    jQuery.

    Comments on this post

    • web_loone08 agrees
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers? There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  8. #5
  9. web.graphic.print
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2013
    Location
    Lancaster, CA USA
    Posts
    118
    Rep Power
    114
    ok cool will definitely check it out.
    Fire Minded
    Brent Bevans
    661.974.6771
    43654 Colony dr., Lancaster, CA 93536
    fire.minded.design@gmail.com
    http://www.fireminded.com

IMN logo majestic logo threadwatch logo seochat tools logo