[cgiapp] LinkIntegrity vs ValidateQuery plugin?

[Ron Savage]

Hi Mark

On Tue, 2009-04-14 at 11:16 -0400, Mark Stosberg wrote:
> However, only validation can check if in fact I have all parameters I
> need in the right format. That protects against the case where my
> application generates a link with a valid checksum, but somehow has the
> wrong data in it. If I skipped validation in the receiving run mode,  I
> open myself up for a garbage-in/garbage-out problem, or perhaps worse.

Since validation on the server side is inescapable, are you /sure/ link
checksumming adds something worth the effort.

For instance, in menus, I renumber all items 1 .. N, no matter what db
record they point to. At the same time, in the session, I save another
map which reverts that 1 .. N to the 'real' id of each item.

OK, so it doesn't protest against everything, but it helps validation.

I did not put the logic in a separate module yet.

-- 
Ron Savage
ron at savage.net.au
http://savage.net.au/index.html