Field Validation of Input

[Not a lot of thought]

I've got several instances of fields where I want to validate the data to insure that no special characters are being used. Currently, I am using the itemdelimiter to test for them, but I know there has to be better way of doing this. I'm just calling the second item to verify that there isn't one. If there is I through an error msg with a standard msg about using special characters. For the most part this works, except for if they end the entry with one of them. My problem is that I will be getting into a lot more hardcore validation and I don't know of an easier way to do this. I also use the itemdelimiter in order to segregate names and code things on a higher level than on the targeted items level. I tried the find command, but I'm not sure where the results are posted. If I could post them to a variable it would make it a bit easier to do what I'm trying to do. I know you guys probably have some better ideas.

[MaxV]

This is a very hard question, there are many professional skilled programmers demonstrating that a solution doesn't exist.
However there are many techniques that grant you a good level of security.
If you use livecode for the graphical interface, you can control what is typed by the messages keyDown and rawKeyDown to control what user type. Moreover you can avoid copy and paste.
Furthermore you can use regular expression (regex) to prevent SQL injections like:

Code: Select all

/(\%27)|(\')|(\-\-)|(\%23)|(#)/ix

(see http://www.symantec.com/connect/article ... ng-attacks for more informations)