On Sun, May 09, 2004 at 09:44:43AM -0500, Puneet Kishor wrote:
> since you asked for suggestions on improving the approach, my
> suggestion would be to not use H-T/Perl for this at all. Use
> JavaScript. I am assuming that you are using the cgi params to send
> back in case errors are found because you are not using any db work for
> error checking. If that is the case, check it _before_ the user submits
> the form.
Never trust anything received from the browser.
It's perfectly reasonable to use Javascript to deliver more
user-friendly error messages, but this should never be confused with
error *checking*. (Unless, of course, you happen to enjoy reinstalling
your servers while reading an in-depth analysis of your program's bugs
and mockery of your personal competence on Bugtraq and the like.)
All IMHO, of course.
-- Clifton
--
Clifton Royston -- [EMAIL PROTECTED]
Tiki Technologies Lead Programmer/Software Architect
Did you ever fly a kite in bed? Did you ever walk with ten cats on your head?
Did you ever milk this kind of cow? Well we can do it. We know how.
If you never did, you should. These things are fun, and fun is good.
-- Dr. Seuss
-------------------------------------------------------
This SF.Net email is sponsored by Sleepycat Software
Learn developer strategies Cisco, Motorola, Ericsson & Lucent use to
deliver higher performing products faster, at low TCO.
http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3
_______________________________________________
Html-template-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/html-template-users
