On Wednesday 25 April 2007, David Bandel wrote: > I was going to recommend pulling the xhtml out. Right now it's all so > intertwined I'm working between working code and display code. While > OK for one person, it makes splitting out work difficult. Those of us > who can do Perl, SQL, _and_ xhtml probably can't do any as well as > those of us who do just one thing well (sounds like the UNIX > philosophy).
This was something that I was (very naively) hoping to do for version 1.0 of LSMB. Looking back at that now, I laugh. The display code and business logic are intertwined in horrific ways, and to make matters worse, many of the input forms do a really, really ugly hack where each time a new item is added, instead of preserving state somewhere it's sent back to the client - html and all - in a hidden field. This alone makes it nearly impossible to properly protect against XSS attacks. Definitely we do want to split the display and business logic, but this might not be a feasible thing to do in any significant way until we move to Template Toolkit or some other similar mechanism. Cheers, Chris ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Ledger-smb-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/ledger-smb-devel
