How to fix you're exposing a database operation in the client side


Why does it say:

Security Warning
You're exposing a database operation in the client side. Validate the data in a Server Action before changing the database.


Hi Faris,

follow this url-

https://www.outsystems.com/forums/discussion/49836/difference-between-screen-action-server-action-and-client-action/

It will be information about client and server action.

DB actions are server actions that why this geeting warning in client action.


Hope this will help you.

Regards

Rahul Sahu

Hi Faris,

You can get the details about this warning and also suggestion on how to avoid this warning in your application

https://success.outsystems.com/Documentation/11/Reference/Errors_and_Warnings/Warnings/Security_Warning

Rahul Sahu wrote:

Hi Faris,

follow this url-

https://www.outsystems.com/forums/discussion/49836/difference-between-screen-action-server-action-and-client-action/

It will be information about client and server action.

DB actions are server actions that why this geeting warning in client action.


Hope this will help you.

Regards

Rahul Sahu

The link doesn't say how to fix it, or maybe I didn't understand it


Hi Faris,

what I thing is, if the DB is on another module I would not call that server action directly nor any action that updates the DB.. 

I would call another action on that module to validate the data and then if it is okay, then I would call the create bug report.

It is one more step, but it is a safer step in a way that you are sure that the data is correct and valid before doing any action on the DB..

Regards

Carl

Faris Abdullah Almozini wrote:


Why does it say:

Security Warning
You're exposing a database operation in the client side. Validate the data in a Server Action before changing the database.


Hi Faris,

The reason for warning message is that OS best practice suggest you to do all database operation on server side rather then client side. You are calling Create database operation directly on client action rather then server action.


Regards,

Rajat Agrawal

Hi,

Create a Server Action to encapsulate the tables actions.

Hello Faris,

For example, If you want to validate a date to be always in future, how do you validate that. One way is to add validation at client side action as in your case, in this case you have to add the validation every time you call the entity action and that is why OS recommends to create a server action once and use it anywhere. Reusability -:)


Regards,

Shah