Date: Wed, 19 Jul 2006 23:19:32 -0400 From: "Jim Stapleton" <stapleton.41@gmail.com> To: freebsd-questions@freebsd.org Subject: Re: coldfusion alternative Message-ID: <80f4f2b20607192019h6ae61c63h3e0fc4fe64a38e8d@mail.gmail.com> In-Reply-To: <000d01c6ab99$3ee24500$6601a8c0@bnetmd.net> References: <000d01c6ab99$3ee24500$6601a8c0@bnetmd.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 7/19/06, Glenn McCalley <glenn@bnetmd.net> wrote: > OK so a good customer of long standing wants a coldfusion website. > Some "developer", the husband of one of his staff (so that makes him a > trusted advisor, right?), has convinced him "it's the only way to do it". > My position is maybe that's the only way -he- can do it but there's a whole > wide world of alternatives out there. > > Looking at it, he wants to collect some data on an input form, then hash it > over a couple of ways and present the results. Pretty graphics maybe as > well. Looks to me like Perl... don't even need a real database, heck > DB_File would work just fine for this. > OK with me... > ...but what's the argument to present other than "you don't need > coldfusion"? > > I'd even put CF on the system and be done with it if there was a FreeBSD > version (anyone have any luck with that?). Tracked down BlueDragon but > that's apparently Win only as well. > > Ammunition wanted. > Thanks > Glenn. > > > > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > I wish I had something more solid than this, but this is the best I have at the moment. I would never suggest cold fusion for one primary reason: Every bit of documentation I've seen suggests that "fieldname_required" hidden fields are a good idea for data verification, and they don't mention _anything_ else, or even suggest the risk with this. Well, the problem is, a hacker won't sent those tags, and if the data is critical, then not putting backups could be dangerous. This isn't necessarily an issue, any two-bit dev should be able to figure this one out. However useing that as well as a backup check is redundant and wasteful. Effectively you are wasting time or giving a hacker a hackme howto. Any language that promotes either of those is a language I would never trust - who knows what they've done inside of it, away from prying eyes. -Jim Stapleton
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?80f4f2b20607192019h6ae61c63h3e0fc4fe64a38e8d>