The stupid question is the question not asked | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
Hookay! Let's start this answer with an explanation of APIs. You have two (maybe three) completely different and (mostly) unrelated applications working together. You have:
Just because the browser says it's an acceptable value DOES NOT MEAN that the CGI script believes it. Your data will NOT always come through the CGI script. And, likewise for your database! Your database is the be-all-end-all master arbiter of all things. If it doesn't safeguard its data, who will?! So, what you do is code up the restrictions EVERYWHERE. You replicate restrictions. This is defense-in-depth. The goal is to guarantee that you refuse a bad value, even if you accidentally refuse a good value every once in a while. Recovering from a refused good value is easy. Recovering from an accepted bad value can be impossible. My criteria for good software:
In reply to Re: Migrating database field values rules from Perl code to DB
by dragonchild
|
|