I am building an application that includes the ability for the user to enter data into a database.
If a user enters some text, for example they try to enter a date, I want to be able to validate that the string they entered can be executed in an SQL query with out a problem.
I am coding in java, so I’m wondering if there are any small libraries out there that do this, or if I should use different reg-exes to do the validation.
I don’t want to rely on the database to do validation because (a) it could be slow if it is far away, and (b) I may want to implment some other custom validation rules (or let the user do it) and want to keep all my validation in a box.
Thanks
Typically, you shouldn’t rely on the database’s definition of a date. Instead, you should declare a valid application format (e.g., MM/DD/YY) and use regular expressions, a library or your own code to validate the users input and then perform a transformation from the specified format to the database format (e.g., MM/DD/YY -> YY/MM/DD).
If you are using an ORM, it will perform this conversion for you on specific types (like Java’s data classes) based on the underlying database. Otherwise, you have to do this yourself, but it’s best to seperate the input validation from the database specific transformation.