I've seen this theme way too much recently- developers giving preference to their own convenience over the security of their application, or, even worse, their confidential data. Every time, however, it was due to incompetance; they didn't know what they were doing wrong.
Frameworks like Meteor.js encourage bad habits like this. Quoting straight from their homepage[1], "All the same APIs are available on the client and the server — including database APIs! — so the same code can easily run in either environment."
Running arbitrary database queries from the client cannot possibly be a good idea.
I'm a full stack web developer with strengths on the back-end. I write Javascript, PHP, Golang, and others. I have experience with the PHP frameworks: Yii, Symfony2, Silex, Slim. Experience with AngularJS. Experience with MySQL, Redis, MongoDB. Long-term Linux user.
Experience with online advertising, video streaming, imagemagick, ecommerce, and various common APIs such as Paypal, FedEX, UPS, and Authorize.net.
Specialities include performance evaluations, SQL optimization, binding C to other languages, and penetration testing.
Vubeology is looking for an experienced DevOps Engineer to join our growing organization. This person will work closely with a group of hard-working and talented engineers in a fast-paced, challenging environment. Not only will you be working with the latest technologies (Golang, Puppet, Node, Nginx), you’ll also be helping to design and implement scalable systems that keep back-end infrastructure running smoothly. If you’re ready to make a difference, then you’ve come to the right place!
Frameworks like Meteor.js encourage bad habits like this. Quoting straight from their homepage[1], "All the same APIs are available on the client and the server — including database APIs! — so the same code can easily run in either environment."
Running arbitrary database queries from the client cannot possibly be a good idea.
[1] https://www.meteor.com/