MiscHardeningAPEX r2 - 13 May 2007 - 16:58 - PeterLorenzen



Miscellaneous

For an application running in production, debugging should be disabled and Build Status should be set to Run Application Only. This can be set either manually in the Application definition or when you export the application for import on the production server. When you export, also remember to set Export Comments to No. There is no reason to expose that kind of information.

When you use HTML controls like checkboxes, radio buttons or select lists, you might think that you don't need to validate their input because the values are constrained. You cannot count on this, however: the constraint exists only in the browser. A select list can easily be converted to a normal text input field. For example, if you use the Mozilla Firefox browser with the Web Developer Extension installed, a menu option converts all select lists on the current page to text fields. So take care and validate all input. Use a database trigger or, if possible, a foreign key constraint or a check constraint.
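The following Oracle SQL is an added example, not part of the original page, showing the three database-side checks named above backing a select list, a radio group and a checkbox. All table, column, constraint and trigger names are hypothetical, and the sample rows are constructed.

```sql
-- Hypothetical schema: every name below is an assumption for illustration.
-- Lookup table that also feeds the select list on the page.
CREATE TABLE order_status (
  status_code VARCHAR2(10) PRIMARY KEY,
  description VARCHAR2(50) NOT NULL
);
INSERT INTO order_status VALUES ('NEW',     'New');
INSERT INTO order_status VALUES ('SHIPPED', 'Shipped');
INSERT INTO order_status VALUES ('CLOSED',  'Closed');

CREATE TABLE orders (
  order_id    NUMBER PRIMARY KEY,
  -- Select list: a foreign key ties the value to the lookup table.
  status_code VARCHAR2(10) NOT NULL
    CONSTRAINT orders_status_fk REFERENCES order_status (status_code),
  -- Radio group: a check constraint fixes the small static value set.
  priority    VARCHAR2(1) NOT NULL
    CONSTRAINT orders_priority_ck CHECK (priority IN ('L', 'M', 'H')),
  -- Checkbox: only the checked and unchecked values are accepted.
  gift_wrap   VARCHAR2(1) DEFAULT 'N' NOT NULL
    CONSTRAINT orders_gift_ck CHECK (gift_wrap IN ('Y', 'N'))
);

-- Trigger: for a rule a constraint cannot express, here one that
-- depends on the row's previous value.
CREATE OR REPLACE TRIGGER orders_status_bu
BEFORE UPDATE OF status_code ON orders
FOR EACH ROW
BEGIN
  IF :OLD.status_code = 'CLOSED' AND :NEW.status_code <> 'CLOSED' THEN
    RAISE_APPLICATION_ERROR(-20001, 'A closed order cannot be reopened.');
  END IF;
END;
/

-- Values as the unmodified form would submit them: accepted.
INSERT INTO orders (order_id, status_code, priority, gift_wrap)
VALUES (1, 'CLOSED', 'M', 'N');

-- Select list turned into a text field, arbitrary value typed in:
-- rejected with ORA-02291 (parent key not found).
INSERT INTO orders (order_id, status_code, priority, gift_wrap)
VALUES (2, 'FREE', 'M', 'N');

-- Radio group value altered: rejected with ORA-02290 (check constraint violated).
INSERT INTO orders (order_id, status_code, priority, gift_wrap)
VALUES (3, 'NEW', 'X', 'N');
```

Because the checks live in the database, they apply to every path into the table, not only to the page that renders the controls.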


Author: PeterLorenzen - 06 May 2007
