MySQL enables you to control the length of a particular field by adding a size modifier to the field data type. Now, the way MySQL works, values greater than the specified length are automatically truncated, with no notification or exception generated to let the user know about the change. This is disturbing, because it means that user data can easily get corrupted without the user’s awareness. Now, if a user enters the user name jamesscott, MySQL will automatically (and silently) truncate it to eight characters and save it as jamessco. Obviously, any subsequent attempt by the user to log in as jamesscott will fail, as MySQL will have no record of that particular username. One way around this is, of course, to set sensible length restrictions for your database fields. However, this must be coupled with application-level input validation of entered data, to alert users if their input goes above the prescribed limit and to allow them to modify it.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment