westcoj
commented
5 years ago Gave inputs brackets to protect from spaces and used regex to sanitize outputs to halt potential SQL attacks. This means only alphanumeric characters and spaces are allowed in playlist names. I figure that's acceptable though.
Currently names for playlists aren't sanitized as they are created. This means possible sql injection and errors when playlist names with spaces appear. This needs to be fixed.