Rasmus Lerdorf schrieb:
Well, I actually have years of experience taking apps and making them run under my strict default filter. And it tends to not be very many changes, if any at all. In the O'Reilly case it gets changed to O'Reilly which for a pure web app is fine. If all input consistently gets changed the same way then you can store O'Reilly in the backend and a search will still find it since the search query itself will be encoded the same way. If you have non web tools working with the same backend data, then you may have a requirement to store it raw, in which case you'd need to poke a hole in your data firewall.
I have a hard time remembering the last at least half-serious web app that i touched that didn't at least include email functionality ... and even if it doesn't, storing scrambled data in the backend is not really a good idea, for example because it makes adding functionality - like email - that needs another encoding hard.
Regards, Stefan -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
