hi,
see inlined comments
----- Original Message -----
From: "Patrick Fong" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, July 27, 2001 3:15 AM
Subject: Question about effective servlet development
> Hi
>
> I have two questions.
>
> 1) I was wondering if it was more effective to have one servlet that
> handles all the requests eg. http://localhost/index.jsp?instruct=02 for
> adding requests, index.jsp?instruct=03 for editting database entries.
>
> String instruct= request.getParameter("request");
>
> if (instruct.compareTo("01")!=-1) {
>
>
> } //do something
>
> else if (same as above) {
>
> if request.getParameter(Parameters for inserting database requests) {
>
> }// do the DB thing
>
> }
>
> and so on... I find alot of big web-sites are doing that now. What are
> benefits of this? I am trying to prevent the user from finding out too
much
> about the operations of the web-sites. I think that any individual can
> figure out how a database works and how the website works by looking atthe
> form elements and the links within the page. What is the best way of
> hidding these sort of information. (I want the users to use the web-site
> and not try to hack into the database etc etc).
>
set the method of yur formulars to post, so the users don't see (in the
adress bar) what attributes you send to the server, use url rewriting as
session tracking mechanism --> the urls look wonderful complicated, do some
server-side validation to see if it's nonsense what a user sent...
> 2) I have also come across websites where by clicking on the link it
brings
> you to http://localhost/index.jsp# and it brings up windows/goes away and
> does something.
don't understand that.... websites bring up other windows by using a
scripting language, what do u mean with "goes away and does something"???
-mw
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
