Paul Gilmartin wrote:
In a recent note, Steve Comstock said:
Date: Fri, 17 Jun 2005 09:01:09 -0600
Shmuel (Seymour J.) Metz wrote:
Warn about data validation. Tell them not to validate user input,
e.g., addresses, names, unless they *FULLY* understand[2] the syntax.
Tell them that if they have restrictions on the formats[3] of, e.g.,
SSN, Telephone number, ZIP code, then they should spell them out.
And that if integrity depends on validity, they must validate at the
server, not just in a Javascript at the client. A rogue client can
readily forge a validation.
-- gil
Well, yes. Which leads to the server-side course...
More good points.
Anyone got any students to take this course?
Kind regards,
-Steve Comstock
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
