× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. RPG400-L
  3. November 2002

Re: CL pgm and pointer variables

Steve Richter wrote:

Of course I validate input, just as an appl programmer should!  I am being
minimal in  my example for the purpose of clarity. To add validatation to
example I describe a 3rd array could be added.  The 1st array contains data
pointers to the pgm variables to be populated, the 2nd array contains the
field names of those variables as appears in the stdin stream received from
the browser and the 3rd array contains error information retrieved when the
stdin char data ( "fld1=22.5&fld2=abc+efg&...." ) could not be mapped into
the data pointer addressed variable.

I challenge you or others to show how this very important and common task of
mapping data from the browser stdin stream into variables in a program could
be done as directly and efficiently as can be done with data pointers.

First, if I recall correctly, data pointers are not terribly
efficient. (Which is just one reason why data pointers aren't put to
more use.) Compilers can always generate more efficient code when
all data types involved in an expression are known at compile-time.
(Not that performance is all that important in a CGI app, since I/O
latencies are clearly more important in such apps.)

Second, the conversion of a character value to the appropriate data
type typically involves only a single assignment anyways, for example:
   fld1 = %dec(envvar('fld1'):7:2);
   fld2 = envvar('fld2');
And so not a lot of code is saved by using some common mechanism. In
fact, if three arrays need to be set up to be able to use a common
routine, I suspect that would require even more coding!

My point is that the subsequent validation is (or often should be)
more coding anyways, and typically involves testing the range of
values, invalid characters, possible security exploits, etc.
Furthermore, the testing is generally specific to each input, which
again limits the usefulness of common validation code.

Cheers!  Hans

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.