Validating a form

Imagine trying to authenticate a user nameed "Foo'or True Or'foo" — no "dangerous" characters, but there goes your login scheme.

If all you're doing is reading and writing to the db, then properly parameterizing queries should take care of the problem.

Therefore, you also have to make sure that the values that users enter can be correctly converted to the appropriate data types.

You might also have certain restrictions on the values.

When you restrict the values that users can enter in forms, you reduce the chance that someone can enter a value that can compromise the security of your site.

validating a form-83validating a form-48

Validating data in Microsoft Access allows you to check data whilst it is being entered by the database user and will enable you to not save the data if it breaks any validation rules or routines.

It is easy for an end user to make a mistake when they are entering data or even to leave out important details that must be entered, so we need to check this data when it is being entered into the database.

Allowing invalid data to be entered into the database ensures that the database and the data available will become less valuable and harder for the user to use.

I would not put any constraints on a user name - it may even contain numbers; think of aristocratic names. No matter what regex you come up with, I can find a name somewhere in the world that will break it.

That being said, you do need to sanitize input, to avoid the Little Bobby Tables problem.