On 3/27/07, Randal L. Schwartz <merlyn@stonehenge.com> wrote:
> >>>>> "Kenneth" == Kenneth Downs <ken@secdat.com> writes:
>
> Kenneth> This in effect makes the web server a proxy to the database, which
> Kenneth> sounds like what you are after. The "P" portion for us is PHP, not
> Kenneth> Perl, and it is small though non-zero. It has only two jobs really.
> Kenneth> In the one direction it converts HTTP requests into SQL, and in the
> Kenneth> other it converts SQL results into HTML.
>
> How do you control trust? I presume you're not accepting raw SQL queries (or
> even snippets) over the wire, so you have to have enough server-side mapping
> code to map domain objects into database objects and domain verbs into
> queries, and then authenticate and authorize that this verb is permitted by
> the incoming user. That can't be just a trivial amount of code. That's
> usually a serious pile of code.
>
> And please don't tell me you do all of that client-side. :)
looking at his project, it looks like you create tables and forms
using simple rule based system. very elegant imo, although I would
greatly prefer to to have the rules be in tables them selves, so I can
manipulate with sql, or self hosting dialogs. very interesting
project i must sasy, it feels like alphora but with web spin on it.
merlin
