Win a copy of Learn Spring Security (video course) this week in the Spring forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

How can we validate strings for meeting 8-bit US ASCII requirement ?

 
Jean Robillard
Greenhorn
Posts: 17
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Are we responsible for validating the user input for meeting the given character set? If so, how ?

I instantiated a String with a given character set before saving to DB and did the same when reading from DB, but doing so alone will not validate user's input or throw any exception. Worse yet, it went ahead & saved the foreign words that I entered into DB, and it totally corrupted the DB and rendered the application useless.

So, is there any point in the assignment instruction to use certain character set (other than the default), when we are not responsible for validating user input for valid characters..? I could validate user input by making sure (int) str.charAt(i) < 254 but then this would defeat the purpose of creating the string with a specific character set. What good is this 8-bit ASCII requirement anyway.
[ June 03, 2008: Message edited by: Jean Robillard ]
 
Johan den Boer
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi

I use this line of code for using character encoding of my db file

String value = new String(buf, recordOffset, fieldLength, Constants.CHAR_ENCODING);

where Constants.CHAR_ENCODING = US_ASCII
buf = bytes[]

To save bytes in your db file you need to convert from string to bytes and specify the character encoding

Johan
 
Andrew Monkhouse
author and jackaroo
Marshal Commander
Pie
Posts: 11851
185
C++ Firefox Browser IntelliJ IDE Java Mac Oracle
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Jean Robillard:
Are we responsible for validating the user input for meeting the given character set?

Interesting. I am in 2 minds about this.

At a "SCJD assignment" level, I think that trying to handle this is possibly going beyond requirements - it may be something that you document in your choices.txt file as being out of scope.

However in real life I would think that you should be responsible for this, and furthermore I think you should be double checking - once at the GUI level to give the user immediate feedback that there is a problem, plus also at the database layer itself in case they scrap your GUI but keep your database layer.

Originally posted by Jean Robillard:
... If so, how ?

On the GUI side, I think you could possibly extend JTextField to only allow certain characters. I have an example in chapter 8 of my book, (page 247), however this is also discussed in the topic "Book Number text field".

At the point where you are saving the data, I would be tempted to do a quick and dirty bit of coding. Something like:

This allows for the potential future growth of the system where fields other than the customer number may be saved. As long as the input string matches the same string recoded into US-ASCII then it will be saved.

There may be a more efficient way of handling this, however I have already spent more time just now than I originally intended - sorry.

Originally posted by Jean Robillard:
I instantiated a String with a given character set before saving to DB and did the same when reading from DB, but doing so alone will not validate user's input or throw any exception. Worse yet, it went ahead & saved the foreign words that I entered into DB, and it totally corrupted the DB and rendered the application useless.
I think this is a good reason for doing validation!

Originally posted by Jean Robillard:
So, is there any point in the assignment instruction to use certain character set (other than the default)

Well the assignment would be an order of magnitude harder if you had to have the ability to change records where the field lengths are no longer fixed.

Regards, Andrew
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic