I’m looking for some experienced assessments of how / whether I need to
bother to validate dates in my Rails app. I’ve Googled the topic but
what I’m finding doesn’t tell me what I want to know.
I’m not concerned with visitors entering invalid dates while they’re
using my app. All dates are entered via selects. Also, the app doesn’t
contain any date processing / calculations.
What I’m looking to guard against is hackers who might try to corrupt
the database using a means of access other than the app. I’ve got
length and format validations on all the string fields, and numericality
validations on all the int fields. But I can’t get my arms around how
or even if I need to validate the date / datetime fields. Again, I
don’t care if whatever they might try to feed the db (MySQL) gets turned
into 0000-00-00 or whatever. I just want to ensure that they’re not
able to corrupt the db, create a buffer overrun, etc.
Thanks much for any advice.