Replace context problem ... and answers

This WebDNA talk-list message is from

1997

It keeps the original formatting. numero = 12498
interpreted = N
texte = >>The URL has blablabla/kill.tmpl$delete?db=announce.db&eqSKUdata=[SKU]>>>>When I hit this link netscape shows the proper information reflecting the>>proper [SKU] number, but the record is not deleted?>>Does that database have username/password fields, and if so does your>browser's username/password match? If not, then WebCatalog will silently>not do anything to those records. The same goes for replace. This is to>prevent anonymous bozos from deleting records in your databases with a>simple URL.Hi Grant,I found this previous response to Glenn's earlier questions about recordsnot being deleted, and apparently that's what's happening when I try toreplace a record ...Now that we have a way to stop people from sending specific commands (withthe CommandsAllowed and CommandSecurity settings in the WebCat Prefs) wealready have a good method of preventing anonymous bozos from deletingrecords with a simple URL.We can simply set CommandSecurity to T and remove Replace and Delete fromthe list of CommandsAllowed. That takes care of the bozos, but it doesn'tsolve the problem of a site administrator wanting to replace or deletespecific records in a database that has username and password fields in it.So ... is there any way to force WebCat2 to use the username and password Itell it to use (especially in the case of a replace or delete context) ...instead of WebCat2 always looking at the username and password values inthe browser first?What do you suggest here? Should we simply change the names of those fieldsto something other than username and password? If we do that, what affectwill that have on other situations in which WebCat2 needs to use thebrowser's cached username and password values? What other things will workdifferently if we change the names of these fields? Are there any WebCat2functions related to the protect tag that might be affected?For me, a good feature would be to allow me to tell WebCat2 to use theusername and password values I give it when performing a replace or deletefrom a context ... rather than for WebCat2 to ignore those values and usethe username and password values in the browser's cache instead.You know, like when WebCat2 looks in the current context for a [value] butdoesn't find it, so then it looks in the next enclosing context, and itkeeps looking in each succeeding enclosing context until it finally findsthe [value] it's seeking?Could replace and delete contexts be made to function like that ... withthe browser's values being the LAST place to look for the username andpassword values? Or would this create other problems ... ?Sincerely, Ken GromeWebDNA Solutionshttp://www.hui.net/dna/webdna.html Associated Messages, from the most recent to the oldest:

Replace context problem ... and answers (Kenneth Grome 1997)

>>The URL has blablabla/kill.tmpl$delete?db=announce.db&eqSKUdata=[SKU]>>>>When I hit this link netscape shows the proper information reflecting the>>proper [SKU] number, but the record is not deleted?>>Does that database have username/password fields, and if so does your>browser's username/password match? If not, then WebCatalog will silently>not do anything to those records. The same goes for replace. This is to>prevent anonymous bozos from deleting records in your databases with a>simple URL.Hi Grant,I found this previous response to Glenn's earlier questions about recordsnot being deleted, and apparently that's what's happening when I try toreplace a record ...Now that we have a way to stop people from sending specific commands (withthe CommandsAllowed and CommandSecurity settings in the WebCat Prefs) wealready have a good method of preventing anonymous bozos from deletingrecords with a simple URL.We can simply set CommandSecurity to T and remove Replace and Delete fromthe list of CommandsAllowed. That takes care of the bozos, but it doesn'tsolve the problem of a site administrator wanting to replace or deletespecific records in a database that has username and password fields in it.So ... is there any way to force WebCat2 to use the username and password Itell it to use (especially in the case of a replace or delete context) ...instead of WebCat2 always looking at the username and password values inthe browser first?What do you suggest here? Should we simply change the names of those fieldsto something other than username and password? If we do that, what affectwill that have on other situations in which WebCat2 needs to use thebrowser's cached username and password values? What other things will workdifferently if we change the names of these fields? Are there any WebCat2functions related to the protect tag that might be affected?For me, a good feature would be to allow me to tell WebCat2 to use theusername and password values I give it when performing a replace or deletefrom a context ... rather than for WebCat2 to ignore those values and usethe username and password values in the browser's cache instead.You know, like when WebCat2 looks in the current context for a [value] butdoesn't find it, so then it looks in the next enclosing context, and itkeeps looking in each succeeding enclosing context until it finally findsthe [value] it's seeking?Could replace and delete contexts be made to function like that ... withthe browser's values being the LAST place to look for the username andpassword values? Or would this create other problems ... ?Sincerely, Ken GromeWebDNA Solutionshttp://www.hui.net/dna/webdna.html Kenneth Grome

DOWNLOAD WEBDNA NOW!

Replace context problem ... and answers

1997

Top Articles:

Related Readings: