6 Matching Annotations
  1. Oct 2020
    1. All validators can be used independently. Inspried by functional programming paradigm, all built in validators are just functions.

      I'm glad you can use it independently like:


      because sometimes you don't have a formElement available like in their "main" (?) API examples:

  2. Aug 2020
    1. It's worth pointing out that filenames can contain a newline character on many *nix systems. You're unlikely to ever run into this in the wild, but if you're running shell commands on untrusted input this could be a concern
  3. Apr 2020
    1. 1- Validation: you “validate”, ie deem valid or invalid, data at input time. For instance if asked for a zipcode user enters “zzz43”, that’s invalid. At this point, you can reject or… sanitize. 2- sanitization: you make data “sane” before storing it. For instance if you want a zipcode, you can remove any character that’s not [0-9] 3- escaping: at output time, you ensure data printed will never corrupt display and/or be used in an evil way (escaping HTML etc…)
    2. This style of validation most closely follows WordPress’ whitelist philosophy: only allow the user to input what you’re expecting.
    1. What Is Input Validation and Sanitization? Validation checks if the input meets a set of criteria (such as a string contains no standalone single quotation marks). Sanitization modifies the input to ensure that it is valid (such as doubling single quotes).