All geek questions in one place

Is it common to store a query string in a database?

If I were to take the request string from the HTTP request request of the incoming request in a web application, save it directly in the MySql database and then use it later to reassemble the original request URL, will this be considered OK?

I am wondering if there are any "gotchas", such as special characters or multibyte characters in the query string, that may require me to encode the data or something else before saving it.

Thanks in advance.

EDIT . My specific use case will be something like the following. Although my main problem is whether any special characters in the query string can cause unexpected problems.

  • User submits form.
  • When processing the form, we determine that the user must confirm his email.
  • We send the user an email for confirmation and save the original query string in the database, because we always want to transfer any query string parameters that were in the query.
  • After the user confirms the email, we redirect them back to the original URL of the form and add the original query string to ensure that the query string parameters are wrapped.
+4
source share
5 answers

I do not see anything wrong with this, but it makes more sense to me to store the analyzed values, rather than data in querystring format. This could further improve the future, for example, if you later change the name of the query string parameters in your application.

developed:
Instead of storing "? Param1 = A & param2 = B & param3 = C" in a field called "querystring" it would probably be better to store A, B and C in three fields called Param1, Param2 and Param3.

Update:
Based on the case you are using, you have added to your question, in particular, a part about this data should be temporarily stored until the user confirms his account. I do not think that something is wrong with saving the query string in raw format. If you plan on storing this information for a long time, my original recommendation is worth it.

+4
source

I would definitely use bindings for saved queries.

INSERT INTO TABLE_OF_QUERIES (field1, field2, field3) VALUES (?,?,?);
+1
source

Why dwell on QueryString? If you want to save part of the header, why not save all the header information, including cookies, publish data, etc.

+1
source

Not at all. I worked at a financial institution where every transaction that occurred was stored in a database, including an SQL query. This was used to audit transactions, used for auditing and reporting. In addition, it gives a good user transaction history.

0
source

Depends on what really is.

If you are dealing with another server, and the query string is all you need to identify the request (well, a URI, but presumably you are betting that the rest is static, maybe check this assumption), then it is ideal use what is essentially an identifier as an identifier.

If your code is located on a server that processes the request itself, then it will not be ideal for many purposes, although it may be for logging and caching.

If your code deals with the actual query parameters, then probably not.

0
source

Source: https://habr.com/ru/post/1345563/

More articles:


All Articles