> The database validation is really well covered by using cfqueryparam and stored pros.
...PLUS doing a good job of choosing column datatypes (so that the DB will throw an exception if you try to insert "one" into an int column) and enforcing primary/foreign keys/relationships (so that the DB will throw exceptions for stuff like deleting a row in a lookup table when that row is referred to elsewhere, attempting to insert a duplicate primary key, etc). Good DB-design leads to "database-level validation." On Thu, Sep 23, 2010 at 4:46 AM, Russ Michaels <[email protected]> wrote: > > The other thing to keep in mind is that u can use the same validation for > client and server esp when using ajar as it's presumably all in a cfc > The database validation is really well covered by using cfqueryparam and > stored pros. > > Russ > > On 23 Sep 2010 10:00, "Matt Quackenbush" <[email protected]> wrote: > > > If you want to get downright technical about it, the three layers of > validation is an excellent requirement. However, in terms of practicality, > one can get away with only client/server for most applications. Server is > an > absolute must, though, as client validations are incredibly simple to > bypass. > > Sent from my iPhone > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology-Michael-Dinowitz/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:337358 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
