This isn't CFC
specific but I think this list is best suited to help answer my question.
I'm working on an application (built using Fusebox 5) and am using FB5
as the MVC framework. I am placing as much of the business
logic (i.e. Model) into CFC's as possible and keeping the View's 'clean'
from any business logic. I say clean b/c a view is never
"truly" business logic free. Simple example: email address is
required to create a profile in the system (business rule) therefore place a red
asterisk next to it on the data entry form. It's that form validation
area I'm looking for some suggestions/guidance. Where do people
place form specific validation, the Model or View? And by Form
specific validation I'm specifically referring to required fields, checking
field lengths, email address checks, etc.
Side note, I may
have sat through one to many of Ray Camden's classes on security and hence
have become paranoid b/c I always check field lengths, required fields,
etc on the server side, regardless of what is going on w/ the client
side, just in case someone tried to save the HTML page locally, hack it up
and see what happens if they repost it. Also, I understand that some other
frameworks, such as Model Glue, encapsulate all form or url parameters into
a special object and pass this into a CFC for
processing and since FB5 does the same thing and places those items in
the attributes scope I could pass that to a CFC for validation.
However, that does not feel like a good idea and hence I'm looking for
suggestions
& opinions.
Thanks,
Jason
Jason Daiger
PH: 410.480.8148 x301
EML: [EMAIL PROTECTED]
You are subscribed to cfcdev. To unsubscribe, send an email to [email protected] with the words 'unsubscribe cfcdev' as the subject of the email.
CFCDev is run by CFCZone (www.cfczone.org) and supported by CFXHosting (www.cfxhosting.com).
An archive of the CFCDev list is available at www.mail-archive.com/[email protected]
