You probably don't have to do any more speech mark-checking. Just make sure that the column in the database is varchar(50) or nvarchar(50) and make sure that its NULL-ability is set properly and you're done.
On Thu, Sep 23, 2010 at 7:01 AM, Richard White <[email protected]> wrote: > > thanks for the replies. just so i understand: > > lets say the client (extjs) passes over a string to be stored in the > database. Extjs has checked that it is a string and a length of 50, and that > it doesnt have any speech marks. the server then tries to insert it into the > database which has a cfqueryparam that checks it is a string and a max > length of 50. do you think this is enough validation, or would you do any > further checks? do you think the server should also check there are no > speech marks in the text as well? > > thanks > > > > > Hi, > > > > when at university i read that it is always best to have 3 layers of > > validation (client,server,database) which i have been doing in my > > applications. > > > > I have now built a few web applications using extjs, which i think has > > excellent validation features. > > > > I am developing a new web application and starting to wonder why all > > the additional work is needed to put all the same validation into the > > server and the database when extjs does so well. > > > > i understand there must be a lot of security on the server and > > database, and any variables accepted by the server can have the type > > attribute set, but is it really necessary to replicate validation on > > all 3 layers? > > > > i have never had the validation on the server or database fire purely > > because extjs is so good! > > > > would appreciate others thoughts on this > > > > thanks > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology-Michael-Dinowitz/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:337364 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
