8.2 Input validation

Input validation involves checking that a user’s input is in the correct format and that its value is within the range defined by input rules. Input validation is critical for security and reliability. In addition to catching inputs from attackers that are deliberately invalid, input validation detects accidentally invalid inputs that could crash your program or pollute your database. A database becomes polluted when incorrect information is added to it. User input errors are the most common cause of database pollution.

Without exception, you should define rules for every type of input field, and you should include code that applies these rules to check the field’s validity. If the input does not conform to the rules, it ...
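A minimal sketch of per-field rules with format and range checks, added here as an illustration and not taken from the book. The form fields, patterns and limits are constructed assumptions, and returning an error map for non-conforming input is this example's own choice.

```python
import re

# Constructed rules for a hypothetical sign-up form (assumption, not from the
# book): every field has a format rule; numeric fields also have a range.
RULES = {
    "username": {"pattern": r"[a-z][a-z0-9_]{2,15}"},
    "email":    {"pattern": r"[^@\s]{1,64}@[A-Za-z0-9.-]{1,253}\.[A-Za-z]{2,}"},
    "age":      {"pattern": r"[0-9]{1,3}", "range": (13, 120)},
}

def validate(form):
    """Return (clean, errors); clean is None unless every field passes."""
    errors = {}
    clean = {}
    # A field with no rule is an error: nothing reaches the application
    # without having been checked against a rule.
    for name in form:
        if name not in RULES:
            errors[name] = "unexpected field"
    for name, rule in RULES.items():
        value = form.get(name)
        if not isinstance(value, str):
            errors[name] = "missing"
            continue
        # fullmatch anchors both ends, so a trailing newline or an appended
        # suffix fails the format check instead of slipping past it.
        if not re.fullmatch(rule["pattern"], value):
            errors[name] = "bad format"
            continue
        if "range" in rule:
            low, high = rule["range"]
            number = int(value)  # safe: the pattern allows only 1-3 digits
            if not low <= number <= high:
                errors[name] = f"out of range {low}-{high}"
                continue
            clean[name] = number
        else:
            clean[name] = value
    return (None, errors) if errors else (clean, {})
```

The format check runs before the range check so that `int()` only ever sees digits, and the caller receives typed values only when the whole form is valid.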

Get Engineering Software Products: An Introduction to Modern Software Engineering now with the O’Reilly learning platform.
