Name: Anonymous 2011-05-02 18:32
Quick opinion question for you:
When you're instantiating an object based on unsafe input from a form in a loosely-typed language, do you leave the sanitation up to the form handler, or to the object?
Ex:
p = new Pokemon();
p.name = sanitize(form.name);
vs.
p = new Pokemon();
p.setName(form.name); // sanitizing code in the method