Assumptions when validating user data (Re: [Techtalk] SQL learning pointers)

[Kai MacTane]

At 12/3/02 02:08 AM , Mary wrote:

>But please, optional state names/codes outside the US :) I've seen the
>reverse, where as soon as you select a non-US country, both the "zip"
>code and state forms are disabled which makes it hard or impossible to
>deliver Australian mail :)

This got me wondering about how I did this the last time I needed to. So I 
went and checked, and I set it up like so:

Name, Address, City and Country are required. They all took free-form text 
fields, because this was before I got hep to Web security. Then again, the 
results of that form were just getting put into an email, not run through 
any SQL statements, so an unescaped apostrophe wouldn't cause any mischief 
anyway.

The fields labeled "State/Province" and "Postal Code" are optional on the 
form. However, if "Country" is set to either "USA" (the default) or 
"Canada", then the processing script will ask for them if they're not 
filled out. (Seems like I should have added Australia to that.)

Seems reasonable?

                                                 --Kai MacTane
----------------------------------------------------------------------
"Before you slip into unconsciousness,
  I'd like to have another kiss,
  Another flashing chance at bliss..."
                                                 --The Doors,
                                                  "The Crystal Ship"