Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
Best method to disallow special characters
Message
From
04/10/2005 13:18:52
Rollin Burr
SAIC
Stafford, Virginia, United States
 
General information
Forum:
Microsoft SQL Server
Category:
Security
Title:
Re: Best method to disallow special characters
Miscellaneous
Thread ID:
01055902
Message ID:
01055955
Views:
14
>Here's the shorter and faster way to test for "bad" characters
>DECLARE @BadCharList varchar(32), @StringToTest varchar(50)
>
>SET @StringToTest = 'CHECK Constraint z'
>SELECT PATINDEX('%[!@#$%^&*()]%',  @StringToTest)
>
>-- or
>
>SET @BadCharList = '!@#$%^&*()'
>SELECT PATINDEX('%[' + @BadCharList + ']%',  @StringToTest)
>
>
>>The function would allow the code to be reused over several tables or even databases. It could be used in triggers.
>>
><snip>>
>>In a trigger or a CHECK Constraint there is still the issue of having to check each field for each special character. Can you think of a better, quicker way of doing this, or is this as good as another choice?

This works nicely.
Is there a way to include ] and ' in the bad list?
Thank You

Rollin Burr

Politicians and diapers have one thing in common. They should both be changed regularly, and for the same reason.
Previous
Next
Reply
Map
View

Click here to load this message in the networking platform