On 7/19/06, Glenn McCalley <[EMAIL PROTECTED]> wrote:
OK so a good customer of long standing wants a coldfusion website.
Some "developer", the husband of one of his staff (so that makes him a
trusted advisor, right?), has convinced him "it's the only way to do it".
My position is maybe that's the only way -he- can do it but there's a whole
wide world of alternatives out there.
Looking at it, he wants to collect some data on an input form, then hash it
over a couple of ways and present the results. Pretty graphics maybe as
well. Looks to me like Perl... don't even need a real database, heck
DB_File would work just fine for this.
OK with me...
...but what's the argument to present other than "you don't need
coldfusion"?
I'd even put CF on the system and be done with it if there was a FreeBSD
version (anyone have any luck with that?). Tracked down BlueDragon but
that's apparently Win only as well.
Ammunition wanted.
Thanks
Glenn.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
I wish I had something more solid than this, but this is the best I
have at the moment. I would never suggest cold fusion for one primary
reason:
Every bit of documentation I've seen suggests that
"fieldname_required" hidden fields are a good idea for data
verification, and they don't mention _anything_ else, or even suggest
the risk with this.
Well, the problem is, a hacker won't sent those tags, and if the data
is critical, then not putting backups could be dangerous. This isn't
necessarily an issue, any two-bit dev should be able to figure this
one out. However useing that as well as a backup check is redundant
and wasteful.
Effectively you are wasting time or giving a hacker a hackme howto.
Any language that promotes either of those is a language I would never
trust - who knows what they've done inside of it, away from prying
eyes.
-Jim Stapleton
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
