On Tuesday, Feb 4, 2003, at 15:25 US/Pacific, Andy Ousterhout wrote:
> Thanks. How does this make it more secure?
<!--- fooexternal.cfc --->
<cfcomponent>
<cffunction name="getX">
<cfreturn this.x>
</cffunction>
<cffunction name="setX">
<cfargument name="newX">
<cfset this.x = arguments.newX>
</cffunction>
</cfcomponent>
<!--- testfooexternal.cfm --->
<cfset foo = createObject("component","fooexternal")>
<cfset foo.setX("I'm X")>
<cfoutput>#foo.getX()#</cfoutput>
<cfset foo.x = "I'm an interloper">
<cfoutput>#foo.getX()#</cfoutput>
Now try this:
<!--- foointernal.cfc --->
<cfcomponent>
<cffunction name="getX">
<cfreturn x>
</cffunction>
<cffunction name="setX">
<cfargument name="newX">
<cfset x = arguments.newX>
</cffunction>
</cfcomponent>
<!--- test foointernal.cfm --->
<cfset foo = createObject("component","foointernal")>
<cfset foo.setX("I'm X")>
<cfoutput>#foo.getX()#</cfoutput>
<cfset foo.x = "I'm an interloper">
<cfoutput>#foo.getX()#</cfoutput>
Running testfooexternal.cfm will show:
I'm X I'm an interloper
The calling code has modified your object.
Running testfoointernal.cfm will show:
I'm an X I'm an X
The calling code cannot modify your internal X.
"this" makes data public. The unnamed scope keeps it hidden.
Sean A Corfield -- http://www.corfield.org/blog/
"If you're not annoying somebody, you're not really alive."
-- Margaret Atwood
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4
Subscription:
http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
This list and all House of Fusion resources hosted by CFHosting.com. The place for
dependable ColdFusion Hosting.
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
