[UPHPU] Table Relationships
phpninja at gmail.com
Fri Apr 6 16:59:26 MDT 2007
> I agree with Mac. If you have to make those checks and fixes at the
> application level anyway, what's the point of having the DB do it? I'd
> like to hear why if anyone sees the need: to me though referential
> integrity restraints at the DB level are as necessary as JS
> validation. It needs to happen at the application level anyway.
> -- John
My view is that server side validation is always the way to go. Client side
validation just makes it more convienient for the user so that if any errors
do come up, they can correct the problem before a POST/GET. Beyond that it
protects absolutely nothing. If you are not server side checking every
single form field for validity you are prone to XSS and SQL injection. I
find that you can validate almost anything server side with regular
expressions, built in language functions, or creating your own validation
functions from scratch.
On 4/6/07, Brandon Stout <bms at mscis.org> wrote:
> Jacob Wright wrote:
> > I like using constraints in that I can set it up so when I delete a
> > "user"
> > or "event" or some other database record it can delete all the
> > relevant data
> > in other tables that only exist for that deleted item.
> Yes, that's another thing. Obviously, writing code that does this is
> more error-prone and difficult than not writing it at all - because the
> database does it for you...
> Brandon Stout
> UPHPU mailing list
> UPHPU at uphpu.org
> IRC: #uphpu on irc.freenode.net
More information about the UPHPU