Is there a way to scrubb the form input that has been pasted into the form, before inserting into MySQL? After posting the data that was pasted into the form I see a large amount of filler junk in the table.
You can type cast (int),(string),(float).
You can pattern match (regex).
You can filter by IP (whitelist/blacklist).
You can filter based on session.
You can filter based on IP & time.
You can filter based on duplicate variables (two phone #s are the same).
There's an insane amount of ways to filter and parse data. It depends a lot on what kind of data is supposed to be stored in the table. You can try captchas if you're receiving a large amount of spam, but even captchas have their limits.
I would suggest preprocessing the form data before inserting it (using php if that's your language), but
Mysql supports type casting, regular expressions, and unique indexes. It can store IP and time.
Reply With Quote
Bookmarks