Re: cutting out the middleperl

From: merlyn(at)stonehenge(dot)com (Randal L(dot) Schwartz)
To: Kenneth Downs <ken(at)secdat(dot)com>
Cc: Kev <kevinjamesfield(at)gmail(dot)com>, pgsql-general(at)postgresql(dot)org
Subject: Re: cutting out the middleperl
Date: 2007-03-27 14:13:07
Message-ID: 86zm5yvkp8.fsf@blue.stonehenge.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

>>>>> "Kenneth" == Kenneth Downs <ken(at)secdat(dot)com> writes:

Kenneth> This in effect makes the web server a proxy to the database, which
Kenneth> sounds like what you are after. The "P" portion for us is PHP, not
Kenneth> Perl, and it is small though non-zero. It has only two jobs really.
Kenneth> In the one direction it converts HTTP requests into SQL, and in the
Kenneth> other it converts SQL results into HTML.

How do you control trust? I presume you're not accepting raw SQL queries (or
even snippets) over the wire, so you have to have enough server-side mapping
code to map domain objects into database objects and domain verbs into
queries, and then authenticate and authorize that this verb is permitted by
the incoming user. That can't be just a trivial amount of code. That's
usually a serious pile of code.

And please don't tell me you do all of that client-side. :)

--
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<merlyn(at)stonehenge(dot)com> <URL:http://www.stonehenge.com/merlyn/>
Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Filip Rembiałkowski 2007-03-27 14:16:23 Re: Every user has own database - how?
Previous Message Jaime Silvela 2007-03-27 14:12:43 Re: COPY losing information