Answer the question
In order to leave comments, you need to log in
How to store client side JS code in Mysql?
You need to store the client JS code in the database.
I know that this is a potentially vulnerable place, so I covered all incoming data with all sorts of checks to the maximum.
The question is: is it worth keeping this code in its pure form, or is it still worth running it through an encoder (base64 for example), and only then putting it into the database. I understand that JS is just a string for the database, but this string can contain all sorts of special characters, which, theoretically, can harm the database.
Russian-speaking Google can say almost nothing about this, but in English it gives such advice that it’s easier to drop the base manually right away ...
Answer the question
In order to leave comments, you need to log in
We put the code in the database as is, we read less about the mysterious code that can "damage the database", more about PDO and prepared statement. All the shoals can only come up during the output, if there is some kind of crooked code - all the crap will happen on the clientside.
Text as text. You have a problem if the code needs to be displayed as executable, and even in the context of its domain, or even executed on the server.
And the DBMS doesn't care what the text is. At least write a binary in a blob. There is only one rule - never concatenate data into a control request.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question