I am thinking to use Silverlight instead of WPF as Client and WCF as server. Does it make sence?
I guess I will have these advantages:
1) More portable because it’s Web.
2) I don’t need to validate an user input in both client and server applications.
The third advantage is my main question: I guess the user cannot see my code, so my application would be safe against hackers. Is this correct? This means that if I store a database connection string in Silverlight, no clients will see it, right?
Thanks.
The .xap file in which your Silverlight Application is packaged is only an archive that contains the DLLs of your application (rename it to .zip and see for yourself) so your code can still be decompiled by anyone who downloads the .xap.
As for your 2nd point, you should validate on the server. I could, for example, sniff the traffic and see that your application calls a WCF web service. From there I could make my own requests to your service without using your application. If you don’t validate server-side bad things will happen.
Also, the “portability” of Silverlight is arguable, but yes I guess it is more portable than a .exe.