Funny, me and Douglas had a similar discussion 2 weeks ago about proper
user input validation. My take on this is if the system can pretty
much deduce what the user meant safely, that it proceeds with a deduced
correct value to let the system run. On top of this is a strong warning
either in the logs or via the GUI that a system is about to run on a
deduced value. In the case where the significant octet is 24 bytes, the
4th octet would have been moot and should have been deduced. In such
case, the GUI alerts the user with something like, "Warning:
192.168.1.1/24 <http://192.168.1.1/24> is not a valid subnet. Did you
mean 192.168.1.0/24 <http://192.168.1.1/24> instead?".
+1 that a GUI subnet calculator is somewhat an overkill
+1 that some form of input validation is warranted.
Joegen
On Saturday, 04 September, 2010 10:21 PM, Tony Graziano wrote:
Before a JIRA improvement request is raised, I wanted to ask opinions
and solicit information on this field in sipxconfig.
I was asked to look at a system that had remote user traversal issues.
Within a short period of time going through the system, I found the
following field in sipxconfig had been entered as such:
System>Internet Calling>Intranet Subnets
192.168.1.1/24 <http://192.168.1.1/24>
Which is NOT a network address, and should have been entered as
192.168.1.0/24 <http://192.168.1.0/24>.
Once this was corrected it resolved some of the overall configuration
issues.
My statement and question is this:
Statement:
I don't have a problem with this being a free-form field, because I
can use a subnet calculator in my head or do binary math on a napkin
to make sure this is entered correctly.
Question:
Should the code behind this page disallow the entry if the
network/mask is an invalid one? Or should it be lefty alone?
I don't have a problem either way, it's really a low level improvement
request to me, but I wanted to know if this is a common mistake that
could be prevented with more logic behind the curtain. Perhaps provide
a subnet calculator internally as a guide for those who don't have
access to one that is readily available? In either case )logic or app)
it is more coding, and is a waste of time if it is not a common issue.
Comments please?
Thanks,
Tony
--
======================
Tony Graziano, Manager
Telephone: 434.984.8430
sip: [email protected]
<mailto:[email protected]>
Fax: 434.984.8431
Email: [email protected] <mailto:[email protected]>
LAN/Telephony/Security and Control Systems Helpdesk:
Telephone: 434.984.8426
sip: [email protected]
<mailto:[email protected]>
Fax: 434.984.8427
Helpdesk Contract Customers:
http://www.myitdepartment.net/gethelp/
Why do mathematicians always confuse Halloween and Christmas?
Because 31 Oct = 25 Dec.
_______________________________________________
sipx-users mailing list
[email protected]
List Archive: http://list.sipfoundry.org/archive/sipx-users/
_______________________________________________
sipx-users mailing list
[email protected]
List Archive: http://list.sipfoundry.org/archive/sipx-users/
