Am Montag, 9. Juli 2001 11:36 schrieb Richard Huxton:
> Data validation (making sure all values submitted are of valid types and
> ranges) needs to be done before you reach the database. You should be
> checking all submitted values anyway, just for security implications. Do
> this in your server-side Perl/PHP/Java/C, don't just rely on javascript in
> the browser.
Hi Richard (thanks for your explanations)
thinking a few days about your words i decided to do the error checking in a
serverside programm. So i have three components. GUI(HTML),
frontend(serverside), Database(backend)
But if i have a table like
create table (level int2 check level > 0 and level < 10);
i do the error checking two times. Once in my frontend (not GUI) and once in
my backend (database). If have to do the check in my frontend too because i
want german readable error messages and not database produced error messages.
And i have to check it in my database because frontends like pgsql wont check
it.
if i want to change the range to 12 i have to change it in two programms.
thats what i dont like.
Are there any examples to learn from. In SQL books you always get this easy
shit like "i build a cd database" huii. Nothing about how to design a whole
software with a SQL database. Error checking, How to Connect a OO Layer to a
database....
Does anybody know some in-depth examples on the web?
thanks in advance
janning
p.s: is this the correct mailing list for such questions?? or is it OT?
> Only allowing users to add orders for products with an existing
> product-code, now that is something that can (and should) be enforced in
> the database. Personally, I'd still want to trap the errors from the
> database and then produce a user-friendly message in my application.
>
> > Can anybody tell me how to make a really good and flexible error
>
> processing
>
> > with postgreSQL??
>
> Examine the types of errors that can occur. You should find they fall into
> a number of different classes. These classes should (hopefully) closely
> match the structure of your application. Each part of your application
> should then be responsible for generating its own exceptions and dealing
> with errors generated by helper modules.
>
> In your case, handle this in your object/database abstraction layer. If you
> don't have one, build one - it's not usually a big issue performance-wise
> and will pay you back tenfold if you need to change the underlying database
> / database system.
>
> HTH
>
> - Richard Huxton
--
Planwerk 6 /websolutions
Herzogstraße 86
40215 Düsseldorf
fon 0211-6015919
fax 0211-6015917
http://www.planwerk6.de
