Re: 'Pure' client-side javscript database?

"lallous" <lallous@lgwm.org> kirjoitti
viestissä:3nefseF112nmU1@individual.net...
> Hi Kimmo,
>
>>
>>
>> I'm glad you found it, but I MUST protest, that revealing the database
>> structure to end-users (clients) is asking for hacks, especially when the
>> site also provides the possibility to run queries. That's just like
>> making a sign for burglar: "Please come here and steal everything we
>> have, we don't lock doors or have alarms and our dog is actually just a
>> chihuahua." That's a warm welcome for hackers. What prevents me from
>> running "DROP DATABASE xyz" from javascript console?
>>
>>
>
> It is a client-side code, whatever you drop, you drop from your
> browser/session only.
> Nothing affect other users.
>
> It is a mean to store data for the current user. I see this as a nice
> companion for DHTML pages.
>

Ooohh... I was way off then... If it's per user/session then there's no harm
done. :)

-- 
SETI @ Home - Donate your cpu's idle time to science.
Further reading at <http://setiweb.ssl.berkeley.edu/>
Kimmo Laine <eternal.erectionN0@5P4Mgmail.com>