Login/Register
Android c2dm registration id format
Asked Answered
Solved phpandroidregexandroid-c2dm
W

1

8

I suspect I am going to feel really stupid after posting this but here goes. I have two main questions:

1) What is an appropriate regex to use for the registration id? Currently I have the following but I have not been able to find any docs to support whether this is sufficient:

'/^[a-z0-9_-]{40,255}$/i'

2) Is it "valid" for a regID to contain "--"? I know that android can't go worrying about what every language - in this case mysql - uses for comments, etc. but this caught me a little off guard. Up to this point I had always flagged that in my sanitizer(s) because of the possibility of being used for sql injection.

Wyandotte answered 17/5, 2012 at 11:58 Comment(3)
Like Seva Alekseyev says, the format of the C2DM registration ID can change at any time, so using a regex for this would not necessarily be the best solution. If your only worry is storing in MySQL, there's no need to do this validation. Instead consider mysqli_prepare() or mysqli_real_escape_string() for your MySQL statements to avoid SQL injection. Personally I prefer mysqli_prepare() over mysqli_real_escape_string().Pernod
I think you got the best possible answer you need to accept itRossini
@dilip - Sorry, I have been away. AcceptedWyandotte
B
12

The format of the registration ID is an implementation detail. Google might change it anytime without any notice. Why do you want to validate it? If storing in MySQL is a concern, use mysql_real_escape_string() just in case, or mysqli::real_escape_string() with mysqli on PHP, or parameters.

It's like people's names. You might think it's all alphabetic, then O'Neil comes along. Escape it just in case.

Boarder answered 14/6, 2012 at 17:16 Comment(1)
Exactly. Escape the inputs properly and there is no SQL injection to worry about.Syllabify

© 2022 - 2024 — McMap. All rights reserved.