[thelist] usability

Dougal Campbell dougal at gunters.org
Tue Dec 2 12:19:40 CST 2003


On Tue, 2 Dec 2003, Alida Ladak wrote:

> hi all,
>
> I'm working on a page where dates are displayed with the following format:
> 2-Dec-03.  The client wants a new feature that allows the user to input and
> submit a date. The client is not willing to invest in validation of the
> entry.         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  ^^^^^
Then the client will get what he pays for.

Depending on what other error-checking occurs (or, more importantly,
doesn't occur), they might open themselves up to easy site breakage by a
bored cracker. Even if you use the three-dropdown method, it's simple
enough to submit bogus form inputs. And if bogus inputs make it into
the system, and aren't filtered at a later stage, the site can break.

Backend data validation is essential to any robust web app.

-- 
Ernest MacDougal Campbell III, MCP+I, MCSE <dougal at gunters.org>
http://dougal.gunters.org/             http://spam.gunters.org/
  Web Design & Development:  http://www.mentalcollective.com/
       This message is guaranteed to be 100% eror frea!


More information about the thelist mailing list