Am 05.09.2017 um 18:57 schrieb Lester Caine:
But not at the cost of writing different sets of code to play to each
area where checking SHOULD be done. Stick to a single standard method of
defining the metadata and that already exists in the database layer
ok, to make that point clear:
not every input which needs to be validated or sanitized is *related to
a database at all* and hence input validation can't be done in the
database-layer and only there by definition for everything
frankly since 3 weeks our core-application is at a level where the
database-layer get not loaded at all until inputs are not verfified
because database stuff is on-demand and 80% of all requests when there
is some traffic within 80% seconds don't load the database layer because
of smart caching
form-input is validated, checked against CSRF-tokens, captcha and
*after* all the validations are fine the database layer becomes part of
the game - that alone brought again 43% higher requests/second on a
already highly optimizied codebase
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
