[development] Turbogears: Python framework

Bèr Kessels ber at webschuur.com
Tue Mar 7 19:21:39 UTC 2006

Op dinsdag 7 maart 2006 20:02, schreef Adrian Rossouw:
> > Also, we /suffer/ from pitfalls; most of these framework take care  
> > of everything security (input validation, XSS injection) whereas  
> > with Drupal, thou shalt not forget check_plain() and friends.
> how could we fix that ?

IMO with two steps:

1. Let go the current 'guideline' that everything needs a purpose. That every 
function must be used. Core should provide an autocomplete_return_nodes() 
even if that is not *used* in core, for example. Core should be more of a 
handy bundle of APIs, rather then a self contained, complete functioning 
2. Add a far more complete database abstraction layer. Maybe even port Active 
Record to Drupal. AR, is AFAIK the only reason why RoR is secure. 

| Bèr Kessels | webschuur.com | website development |
| Jabber & Google Talk: ber at jabber.webschuur.com
| http://bler.webschuur.com | http://www.webschuur.com |

Sympal draait nu voor het grootste deel al op 4.7:

More information about the development mailing list