Modern front-end development: skinny jeans and handlebar mustaches ITT

The Something Awful Forums > Discussion > Serious Hardware/Software Crap > The Cavern of COBOL > Modern front-end development: skinny jeans and handlebar mustaches ITT

G-Prime: Apr 30, 2003; Baby, when it's love,
if it's not rough it isn't fun.

Why not set up a server-side script that accepts predefined actions from POST actions, and leave the DB abstraction to that? You could make calls to that through AJAX and never expose the DB.

# ¿ Dec 10, 2013 17:44

Adbot: ADBOT LOVES YOU

# ¿ May 22, 2024 18:04

G-Prime: Apr 30, 2003; Baby, when it's love,
if it's not rough it isn't fun.

Pseudo-God posted:

I want to do it without a server-side script at all, but I guess the tech is not here yet.

Keep in mind, even if you found an elegant way to have user-run javascript authenticate to your DB in a secure way that the user can't hijack the credentials from (which doesn't seem possible), you're still relying on that script to make direct SQL queries, which hoses your security entirely. That's why you need the abstraction. Instead of blindly accepting queries, you've got predefined queries that the abstraction layer provides based on criteria that the user submits via the javascript.

# ¿ Dec 10, 2013 17:50

The Something Awful Forums > Discussion > Serious Hardware/Software Crap > The Cavern of COBOL > Modern front-end development: skinny jeans and handlebar mustaches ITT