Hi MK,

MK wrote:
> On 07/05/2009 02:27:23 PM, hha...@gmail.com wrote:
>> First, site structure. You happily use several different file  
>> extensions (html, mhtml, comp) without explaining why you chose to  
>> name the file one way or the other. 
> I guess I didn't consider that important since I said you could call 
> the files whatever you like, and I didn't want to sound like my naming 
> conventions were necessary by being pedantic about them.  But there is 
> a convention there (I call a fresh page .mhtml and a component of a 
> page .comp; I just used .html for the index since apache will want 
> that), so maybe I will add a note to this effect.  


For what it's worth, the Mason FAQ talks very briefly about this:

http://www.masonhq.com/?FAQ:ServerConfiguration#h-what_filename_extensions_should_i_use_for_mason_components_

which I've tried to stick to.  But yes, it is up to the individual.


>> Your code is rife with SQL injection and cross-site scripting  
>> vulnerabilities. Here's a quick refresher:
...
> I'm almost as new to SQL as I am to Mason!  If you could explain the 
> significance of this difference to me, or at least point me to some 
> explanation, I will bring the code up to par...


hhaamu's point is correct, of course.

But another option is to check user input right when it comes in and then after 
that, when you can be sure nothing funny can creep in, you can be a bit sloppy 
with the checking.  Of course, in this case, being sloppy isn't going to hurt 
the server's execution time -- so this point is perhaps irrelevant in this 
case. 
  ...and better safe than sorry.

Ray
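
Since MK asked what the difference actually is, here is a small, self-contained Perl script (added here as an illustration; it is not code from MK's site or from the Mason distribution) that shows the SQL-injection half of hhaamu's point with DBI, and the cross-site-scripting half with HTML::Entities, which is what Mason's `h` escape flag calls. It assumes DBD::SQLite is installed and uses a made-up in-memory `users` table; the table, rows and the hostile input are constructed for the example. Checking input once at the boundary, as Ray suggests, is a reasonable extra layer, but the two fixes below are the ones that remove the bug class itself, and they cost nothing at run time.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;
use HTML::Entities qw(encode_entities);

# Constructed in-memory database so the example runs offline. Assumption:
# DBD::SQLite is installed. The table and rows are invented for this demo.
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
                       { RaiseError => 1, AutoCommit => 1 });
$dbh->do('CREATE TABLE users (name TEXT, email TEXT)');
$dbh->do(q{INSERT INTO users VALUES ('alice', 'alice@example.org')});
$dbh->do(q{INSERT INTO users VALUES ('bob',   'bob@example.org')});

# A hostile value of the kind that arrives in $ARGS{name} from a form field.
my $name = q{' OR '1'='1};

# VULNERABLE: interpolating the request value into the SQL text. The quote
# in $name closes the string literal and the rest is parsed as SQL, so the
# WHERE clause becomes  name = '' OR '1'='1'  and every row comes back.
sub lookup_unsafe {
    my ($dbh, $name) = @_;
    my $sql = "SELECT email FROM users WHERE name = '$name'";
    return $dbh->selectcol_arrayref($sql);
}

# FIXED: a placeholder keeps the value out of the SQL grammar entirely. DBI
# passes it to the driver as data, so the quote is just a quote and no row
# matches the literal string  ' OR '1'='1 .
sub lookup_safe {
    my ($dbh, $name) = @_;
    my $sql = 'SELECT email FROM users WHERE name = ?';
    return $dbh->selectcol_arrayref($sql, undef, $name);
}

my $unsafe = lookup_unsafe($dbh, $name);   # 2 rows: the whole table
my $safe   = lookup_safe($dbh, $name);     # 0 rows
printf "unsafe query returned %d rows, safe query returned %d rows\n",
       scalar @$unsafe, scalar @$safe;

# Cross-site scripting is the same mistake on the way out: echoing a
# request value into the page unescaped, so the browser runs it as markup.
# Inside a Mason component the fix is the h flag, <% $name | h %>; outside
# a component HTML::Entities does the same job.
my $payload = '<script>alert(1)</script>';
my $escaped = encode_entities($payload);
print "raw:     $payload\n";   # <script>alert(1)</script>
print "escaped: $escaped\n";   # &lt;script&gt;alert(1)&lt;/script&gt;
```

Two habits make this routine in Mason code: always pass request values through `?` placeholders (or `$dbh->quote`) rather than interpolating them into the SQL string, and set `default_escape_flags => 'h'` on the HTML::Mason interpreter so every `<% ... %>` substitution is HTML-escaped unless a component opts out with `| n`.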


_______________________________________________
Mason-users mailing list
Mason-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mason-users