limodou wrote: > Reasons sound very reasonable. But I think current implement in django > is enough. Maybe model with validation is better but unnecessary. We > have many ways to validate data before it saved in db.
Any Security Foil-Hat will tell: Validate early and validate often. It makes no sense for a good ORM to allow someone to save data that breaks database constraints, without jumping through a few hoops (validate=False) if you expect a secure ORM. It makes perfect sense that at least basic data validation should be implemented in models, and it *is* a necessity to anyone security-minded. -- --Max Battcher-- http://www.worldmaker.net/ --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-developers -~----------~----~----~----~------~----~------~--~---
