Takeaway: Check the length of form field inputs!
Once I was doing a livestream making a website called "Internet Flamewar" in front of a squirrely audience. The idea was to submit two things and then argue why one was better than the other in a sort of Reddit-style comments system. Vim vs Emacs. Cats vs Dogs. Stuffed lambs vs stuffed frogs. Important stuff ya know?
Despite the fact that this was a horrible idea for a website because it would quickly become a steaming cesspool of horrible comments, I also made a wee little mistake with the code. I was creating the database table for a comment, and used this Django class:
    from django.contrib.auth.models import User
    from django.db import models

    class Comment(models.Model):
        user = models.ForeignKey(User, on_delete=models.CASCADE)
        body = models.TextField()
        date = models.DateField()
Can you spot the problem?
It was made clear to me when I put the site up and the viewers of my livestream descended upon it. The first rule of launching a new website is that someone is definitely going to try to break your site immediately. I looked at some of the posts people were making and then discovered a page that had a bit of a formatting problem.
Someone had decided to try pasting the entirety of Kafka's Metamorphosis into the comment box.
They just went to http://www.kafka.org/index.php?aid=170 and copied all 121,177 characters of the book's text and shoved it right up into my database. And the database happily saved every last character.
The solution was simple: Just add a length limit to the body field.
    from django.contrib.auth.models import User
    from django.db import models

    class Comment(models.Model):
        user = models.ForeignKey(User, on_delete=models.CASCADE)
        # Add max_length to the body field:
        body = models.TextField(max_length=255)
        date = models.DateField()