this post was submitted on 25 May 2026
995 points (99.2% liked)

Programmer Humor

[–] Valmond@lemmy.dbzer0.com 2 points 7 hours ago (2 children)

Well then someone with a Tagalog name gets caught in your filter...

I mean if it's "perfect" then yes, it'll work, but in production...

Also, you sometimes want to be able to store "1); Drop table abc;" in your database, I mean how do you otherwise store this comment right here? Sanitizing.

[–] deadbeef79000@lemmy.nz 2 points 3 hours ago

That's conforming (to whatever criteria). Send me a UTF-16 string of at most 100 code points. Send me a 7-bit ASCII string of only A-Z0-9. Reject anything that doesn't conform.

Sanitizing is trying to clean an input. That's "lemme just double escape some special characters" or stripping/replacing/encoding characters or truncating strings, coercing types. Do this and your sanitization code will have bugs or edge cases.
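The accept/reject distinction the comment above draws, as an added example that is not code from the thread or from any commenter: two validators that return the input untouched or raise, plus the "double escape some special characters" sanitizer run twice to show why the comment calls it buggy. The function names, the 32-character limit on the ASCII identifier and the control-character rule in the text check are assumptions of this example, not something the comment specifies.

```python
import re
import unicodedata

# A literal ASCII range: only A-Z and 0-9 match. str.isalnum() would also
# accept letters and digits from other scripts, which is exactly the kind
# of edge case a sanitizer mishandles and a validator simply refuses.
ASCII_ALNUM = re.compile(r"[A-Z0-9]+")


def require_ascii_id(value, max_len=32):
    """Accept a 7-bit ASCII string of only A-Z0-9 (1..max_len chars) or raise.

    max_len=32 is an assumption of this example.
    """
    if not isinstance(value, str):
        raise ValueError("expected a str")
    if not 1 <= len(value) <= max_len:
        raise ValueError("length out of range")
    # fullmatch anchors both ends. A hand-written ^...$ pattern would still
    # accept "ABC\n", because $ matches before a trailing newline.
    if ASCII_ALNUM.fullmatch(value) is None:
        raise ValueError("non-conforming character")
    return value


def require_utf16_text(value, max_code_points=100):
    """Accept well-formed text of at most max_code_points code points or raise.

    A Tagalog name passes untouched, and so does "1); Drop table abc;":
    as data it conforms. Whether it is safe for SQL or HTML is decided by
    that sink, not here. The control-character rule is an added assumption.
    """
    if not isinstance(value, str):
        raise ValueError("expected a str")
    try:
        value.encode("utf-16-le")  # an unpaired surrogate cannot be encoded
    except UnicodeEncodeError:
        raise ValueError("malformed text: unpaired surrogate") from None
    if len(value) > max_code_points:  # len() counts code points, not UTF-16 units
        raise ValueError("too many code points")
    if any(unicodedata.category(c) == "Cc" and c not in "\n\t" for c in value):
        raise ValueError("control character")
    return value


def is_conforming(check, value):
    """True if `check` accepts `value`; the caller's only decision is accept/reject."""
    try:
        check(value)
    except ValueError:
        return False
    return True


def sanitize_quotes(value):
    """The anti-pattern from the comment: "clean" input by doubling quotes.

    It is not tied to any sink, so nothing stops it running twice (once
    in the form handler, once in the data layer), and each pass mangles
    the stored value a little more.
    """
    return value.replace("'", "''")
```

The validators never produce a third outcome: the value is returned as-is or the request is refused, so there is no "cleaned" variant of the data to reason about later. The sanitizer, by contrast, has no idea whether its output is headed for SQL, HTML or a log line, which is why a second application turns O'Brien into O''''Brien.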

[–] anton@lemmy.blahaj.zone 2 points 5 hours ago

I agree with everything in your comment except the last word. Only sanitize in cases where there isn't a better option like HTML or terminal escape sequences. SQL has prepared statements, which are better.
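The two points the thread makes (storing "1); Drop table abc;" verbatim, and prepared statements beating sanitization for SQL while HTML still needs escaping), as an added example that is not code from the thread or any commenter. It uses Python's sqlite3 module; the table name, the string-building anti-pattern and the PAYLOAD string are constructed for this example and are not from the thread.

```python
import html
import sqlite3

# Constructed inputs: the comment body quoted in the thread, and a payload
# shaped to fit the vulnerable INSERT below (it closes the quoted literal,
# stacks a DROP, and ends with SELECT (' so the whole script still parses).
THREAD_BODY = "1); Drop table abc;"
PAYLOAD = "1'); DROP TABLE comments; SELECT ('"


def fresh_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE comments (id INTEGER PRIMARY KEY, body TEXT NOT NULL)")
    return conn


def table_exists(conn, name):
    row = conn.execute(
        "SELECT 1 FROM sqlite_master WHERE type = 'table' AND name = ?", (name,)
    ).fetchone()
    return row is not None


def insert_by_string_building(conn, body):
    """Anti-pattern: the body is spliced into the SQL text and parsed as SQL."""
    # executescript() runs every statement in the string. sqlite3's execute()
    # would refuse the stacked DROP ("one statement at a time"), but that is a
    # quirk of this driver, not a defense: a payload of the form ' OR 1=1 --
    # inside a SELECT needs no second statement at all.
    conn.executescript(f"INSERT INTO comments (body) VALUES ('{body}')")


def insert_parameterized(conn, body):
    """Prepared statement: body is bound as a value, never parsed as SQL."""
    cur = conn.execute("INSERT INTO comments (body) VALUES (?)", (body,))
    return cur.lastrowid


def fetch_body(conn, row_id):
    return conn.execute("SELECT body FROM comments WHERE id = ?", (row_id,)).fetchone()[0]


def render_body(body):
    """HTML has no bind parameters, so escaping on output is the right tool there.

    The stored text stays byte-for-byte intact; only the rendering changes.
    """
    return f"<p>{html.escape(body, quote=True)}</p>"
```

With the bound parameter the payload is just a row of text: the table survives and the SELECT returns the exact string that went in, which is what "storing this comment" requires. Escaping happens once, at the HTML sink, where the browser's parser is the thing being protected; nothing about the stored value is altered to achieve that.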