Replace context problem ... and answers
This WebDNA talk-list message is from 1997
It keeps the original formatting.
numero = 12498
interpreted = N
texte = >>The URL has blablabla/kill.tmpl$delete?db=announce.db&eqSKUdata=[SKU]>>>>When I hit this link netscape shows the proper information reflecting the>>proper [SKU] number, but the record is not deleted?>>Does that database have username/password fields, and if so does your>browser's username/password match? If not, then WebCatalog will silently>not do anything to those records. The same goes for replace. This is to>prevent anonymous bozos from deleting records in your databases with a>simple URL.Hi Grant,I found this previous response to Glenn's earlier questions about recordsnot being deleted, and apparently that's what's happening when I try toreplace a record ...Now that we have a way to stop people from sending specific commands (withthe CommandsAllowed and CommandSecurity settings in the WebCat Prefs) wealready have a good method of preventing anonymous bozos from deletingrecords with a simple URL.We can simply set CommandSecurity to T and remove Replace and Delete fromthe list of CommandsAllowed. That takes care of the bozos, but it doesn'tsolve the problem of a site administrator wanting to replace or deletespecific records in a database that has username and password fields in it.So ... is there any way to force WebCat2 to use the username and password Itell it to use (especially in the case of a replace or delete context) ...instead of WebCat2 always looking at the username and password values inthe browser first?What do you suggest here? Should we simply change the names of those fieldsto something other than username and password? If we do that, what affectwill that have on other situations in which WebCat2 needs to use thebrowser's cached username and password values? What other things will workdifferently if we change the names of these fields? Are there any WebCat2functions related to the protect tag that might be affected?For me, a good feature would be to allow me to tell WebCat2 to use theusername and password values I give it when performing a replace or deletefrom a context ... rather than for WebCat2 to ignore those values and usethe username and password values in the browser's cache instead.You know, like when WebCat2 looks in the current context for a [value] butdoesn't find it, so then it looks in the next enclosing context, and itkeeps looking in each succeeding enclosing context until it finally findsthe [value] it's seeking?Could replace and delete contexts be made to function like that ... withthe browser's values being the LAST place to look for the username andpassword values? Or would this create other problems ... ?Sincerely, Ken GromeWebDNA Solutionshttp://www.hui.net/dna/webdna.html
Associated Messages, from the most recent to the oldest:
|
- Replace context problem ... and answers (Kenneth Grome 1997)
|
>>The URL has blablabla/kill.tmpl$delete?db=announce.db&eqSKUdata=[SKU]>>>>When I hit this link netscape shows the proper information reflecting the>>proper [SKU] number, but the record is not deleted?>>Does that database have username/password fields, and if so does your>browser's username/password match? If not, then WebCatalog will silently>not do anything to those records. The same goes for replace. This is to>prevent anonymous bozos from deleting records in your databases with a>simple URL.Hi Grant,I found this previous response to Glenn's earlier questions about recordsnot being deleted, and apparently that's what's happening when I try toreplace a record ...Now that we have a way to stop people from sending specific commands (withthe CommandsAllowed and CommandSecurity settings in the WebCat Prefs) wealready have a good method of preventing anonymous bozos from deletingrecords with a simple URL.We can simply set CommandSecurity to T and remove Replace and Delete fromthe list of CommandsAllowed. That takes care of the bozos, but it doesn'tsolve the problem of a site administrator wanting to replace or deletespecific records in a database that has username and password fields in it.So ... is there any way to force WebCat2 to use the username and password Itell it to use (especially in the case of a replace or delete context) ...instead of WebCat2 always looking at the username and password values inthe browser first?What do you suggest here? Should we simply change the names of those fieldsto something other than username and password? If we do that, what affectwill that have on other situations in which WebCat2 needs to use thebrowser's cached username and password values? What other things will workdifferently if we change the names of these fields? Are there any WebCat2functions related to the protect tag that might be affected?For me, a good feature would be to allow me to tell WebCat2 to use theusername and password values I give it when performing a replace or deletefrom a context ... rather than for WebCat2 to ignore those values and usethe username and password values in the browser's cache instead.You know, like when WebCat2 looks in the current context for a [value] butdoesn't find it, so then it looks in the next enclosing context, and itkeeps looking in each succeeding enclosing context until it finally findsthe [value] it's seeking?Could replace and delete contexts be made to function like that ... withthe browser's values being the LAST place to look for the username andpassword values? Or would this create other problems ... ?Sincerely, Ken GromeWebDNA Solutionshttp://www.hui.net/dna/webdna.html
Kenneth Grome
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
problems with 2 tags (1997)
Replace Statement (1997)
Setting up WebCatalog with Retail Pro data (1996)
Almost a there but..bye bye NetCloak (1997)
Part 2 - [showif] if variable exists (1998)
Authenticate (1997)
Spawning Holdup? (2000)
Dynamic Pop up menu? (1997)
cannot delete last admin (1999)
can WC render sites out? (1997)
RE: ANother SHOWIF problem (1997)
remotely add + sign (1997)
[WebDNA] [BULK] which of these tags exist in 7.0 (2011)
Question about replacing words (1998)
ImageMap (1997)
Search logic? (1998)
Hiding HTML and breaking the page (1997)
WebTen? (1997)
Search & Sort Question (1999)
MacAuthorize order data fields WAS:How To question... (1997)