Comments (7)
crookse
commented on June 19, 2024
1
We could just change special characters to entities before they go into the database and then convert them back when we retrieve them
from deno-drash-realworld-example-app.
ebebbington
commented on June 19, 2024
Do you have an idea of how this would be implemented? I'm used to using PDO or having the framework used do this, but not manually
from deno-drash-realworld-example-app.
ebebbington
commented on June 19, 2024
Course nice, one, i was thinking of the whole query which is where i was going wrong
So i guess the end result would be:
- All CRUD methods would call a new
escapeQueryDatamethod (or whatever name is best) before callingthis.prepare - SELECT method would call a
unescapeDBResult(or whatever name is best) to unescape the data at the end of the method, before returning it
from deno-drash-realworld-example-app.
ebebbington
commented on June 19, 2024
Asked in pgc4d and deno-postgres to see if they currently have sanitisation implemented, or any plans to. Mainly because it would save us a job of doing it manually.
Note that there is another postgres module mentioned but by no means am i suggestion it, just trying to get as much info as possible
from deno-drash-realworld-example-app.
ebebbington
commented on June 19, 2024
Author of pgc4d replied here, and they do encode queries when used with placeholders
from deno-drash-realworld-example-app.
ebebbington
commented on June 19, 2024
Seems like deno-postgres does: await client.query("SELECT * FROM ids WHERE id < $1;", 2). Worth checking as hadn't had any confirmation from the owner
from deno-drash-realworld-example-app.
ebebbington
commented on June 19, 2024
Postgress currently doesn't, but they do parameterise queries so it means we can strip out logic we have added to do that
from deno-drash-realworld-example-app.
Related Issues (20)
- Put onto drash.io HOT 1
- Add Cypress
- Add Cypress
- Re enable linting in Ci when deno lint bug is fixed
- Standardise
- Move to deploy? HOT 1
- use nessie?
- dont mount the node modules folder or bundled files
- Add relations to models HOT 1
- s3 example
- Use proper request validation
- question: Does this has code generator? HOT 2
- feat: Add custom 4xx and 50xx service
- bug: Protected endpoint create article can be called without being logged in an with arbitrary userid parameter.
- Mention Dmm and Vue-Input
- Write Basic Tests
- Write Advanced Tests
- Realworld App v1.0 (Release Date: 11-01-2020) HOT 2
- Realworld App v2.0
- Fix Linter
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from deno-drash-realworld-example-app.