Posted by Iván Sánchez Ortega on 07/28/06 00:28
Vincent Delporte wrote:
> I'm about to write a prototype for a business application, but since
> this is my first real web application, I'm looking for a good book or
> article that sums up the different issues web developers will
> encounter when coming from the world of dedicated applications (VB,
> Delphi, etc.)

First and foremost: Don't trust user input. Ever.

In other words: whenever you receive data from the user (usually by a posted
form, or by some GET variables), clean, check and double-check the data for
validity. Don't ever assume that the user has put a valid value in a form
input field.

Another point to take into account: Every page is a *different* run of your
program. HTTP is a stateless protocol, ya' know. That means:

- Be careful when passing data from one page to another
- Be careful about race conditions

--
----------------------------------
Iván Sánchez Ortega -i-punto-sanchez--arroba-mirame-punto-net
Want to learn to read? Write to me!
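
The two points in the post above (check every posted value; each page is a separate run, so data carried from one page to the next comes back as user input), as an added example that is not part of the original post. It uses only the Python standard library; `SECRET_KEY`, the field names `qty` and `price_token`, and the session id are assumptions made for illustration.

```python
import hashlib
import hmac
import re

# Assumption: a server-side secret that never reaches the browser (constructed value).
SECRET_KEY = b"example-only-secret-change-me"

# ASCII digits only; fullmatch() also rejects a trailing newline that "$" would allow.
QTY_RE = re.compile(r"[0-9]{1,3}")


def validate_quantity(raw):
    """Return the quantity as an int, or raise ValueError on any bad input."""
    if not isinstance(raw, str) or not QTY_RE.fullmatch(raw):
        raise ValueError("quantity must be 1-3 ASCII digits")
    qty = int(raw)
    if not 1 <= qty <= 100:
        raise ValueError("quantity out of range")
    return qty


def _mac(session_id, value):
    # Binding the MAC to the session stops a token being replayed by another user.
    msg = f"{session_id}|{value}".encode("utf-8")
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()


def sign_state(session_id, value):
    """Page 1: build 'value.mac' to place in a hidden form field."""
    return f"{value}.{_mac(session_id, value)}"


def verify_state(session_id, token):
    """Page 2: return the value only if its MAC is intact, else raise ValueError."""
    if not isinstance(token, str) or "." not in token:
        raise ValueError("malformed state")
    value, _, mac_hex = token.rpartition(".")
    expected = _mac(session_id, value)
    # Compare as bytes in constant time; str input with non-ASCII would raise TypeError.
    if not hmac.compare_digest(mac_hex.encode("utf-8", "replace"), expected.encode()):
        raise ValueError("state was modified in transit")
    return value


def handle_page2(session_id, form):
    """Second request: every key in `form` is user input, hidden fields included."""
    qty = validate_quantity(form.get("qty"))
    unit_price_cents = int(verify_state(session_id, form.get("price_token")))
    return qty * unit_price_cents
```

Keeping the price in a server-side session instead of a signed hidden field avoids the round trip through the browser entirely; the signed form is shown because it works without shared server state.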