Getting the maximum character length insertable to any given field

Question

I'm trying to protect my back end from possible malicious POST's.

Each back end method has a certain set of variables expected in JSON that corresponds to a field in a mysql table so I figured it would be good if I limited the maximum number of characters receivable in any of those methods to the sum of what could possibly go into these fields + overhead from json formatting.

How can I find out the maximum length in string representation to any of the fields that I have in my tables?

phpmyadmin displays a (number) next to the type of each field when viewing the structure of a table that seems to be what I want, like an UNSIGNED INT can have a maximum of 10 characters, UNSIGNED BIGINT is 20 and CHAR(127) is 127.. but I'm unsure what this number really means.

Answer 1

You can query the metadata from MySQL (there's more than what I showed too).

select COLUMN_NAME, DATA_TYPE, CHARACTER_MAXIMUM_LENGTH,
    NUMERIC_SCALE, NUMERIC_PRECISION
from information_schema.columns
where table_name = '<table_name>'
and table_schema = '<schema_name>'

This will give you what you're looking for.

I'm not sure your basic plan will work great though. The web server will still take the request and have to get it to you for you to analyze which will take a lot of the overhead. But it won't hurt to cut it off there... so I guess it will be beneficial.

Update

You can limit the post size with the info in this related question: Is there a max size for POST parameter content?.