coldfusion alternative

Jim Stapleton stapleton.41 at gmail.com
Thu Jul 20 03:21:10 UTC 2006


On 7/19/06, Glenn McCalley <glenn at bnetmd.net> wrote:
> OK so a good customer of long standing wants a coldfusion website.
> Some "developer", the husband of one of his staff (so that makes him a
> trusted advisor, right?), has convinced him "it's the only way to do it".
> My position is maybe that's the only way -he- can do it but there's a whole
> wide world of alternatives out there.
>
> Looking at it, he wants to collect some data on an input form, then hash it
> over a couple of ways and present the results.  Pretty graphics maybe as
> well.  Looks to me like Perl... don't even need a real database, heck
> DB_File would work just fine for this.
> OK with me...
> ...but what's the argument to present other than "you don't need
> coldfusion"?
>
> I'd even put CF on the system and be done with it if there was a FreeBSD
> version (anyone have any luck with that?).  Tracked down BlueDragon but
> that's apparently Win only as well.
>
> Ammunition wanted.
> Thanks
> Glenn.
>
>
>
>
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>

I wish I had something more solid than this, but this is the best I
have at the moment. I would never suggest cold fusion for one primary
reason:

Every bit of documentation I've seen suggests that
"fieldname_required" hidden fields are a good idea for data
verification, and they don't mention _anything_ else, or even suggest
the risk with this.

Well, the problem is, a hacker won't sent those tags, and if the data
is critical, then not putting backups could be dangerous. This isn't
necessarily an issue, any two-bit dev should be able to figure this
one out. However useing that as well as a backup check is redundant
and wasteful.

Effectively you are wasting time or giving a hacker a hackme howto.

Any language that promotes either of those is a language I would never
trust - who knows what they've done inside of it, away from prying
eyes.

-Jim Stapleton


More information about the freebsd-questions mailing list