> > Data validation should be done at all levels. Period. > > Validating the SAME data at each level greatly decreases your speed.
True, but at the expense of data reliability and security. If one validation layer is compromised (buffer overflow, packet injection, or even a bad link between client and server), the other will catch it. See my previous post. Infact, many coding standards and certifications call for strict validation at all levels. Never _ever_ sacrifice security for performance. Big mistake. > It is much simpler and easier to just validate it first. Disagree. If you were to validate it only in one layer, it would have to be last (i.e., closest to the server). Think of a website doing javascript validation of credit card information. One can easily override the validation my simply modifying the HTTP requests (or maybe even disabling javascript). Anyhow, this is getting way off topic. A thousand apologies. -- Mohit Muthanna [mohit (at) muthanna (uhuh) com] "There are 10 types of people. Those who understand binary, and those who don't." _______________________________________________ Asterisk-Users mailing list Asterisk-Users@lists.digium.com http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users