numero = 27989
interpreted = N
texte = >So then I guess this implies that an email address can never contain an & char?And while we're on this topic, I want to ask more questions to understand more deeply...I have a db that stores user input account data. I give them the chance to 'login'.On the next page I search the db using their name and passwerd (which they just input)-[Search db=some.db&eqAccountNumdatarq=[AccountNum]&eqPasswerddatarq=[URL][Passwerd][/URL]&max=1]so here's a case of where you would say I DO NOT need to [URL]ize the passwerd since it is coming out of thedb (rather than going in)??But what if I haven't taken steps to prevent the user from using an & in his passwerd? If there was a & inthere, wouldn't that break the search?And if after logging in, I gave him the chance to do a different search on the db (via form; , etc.) and on the next results page I have a [shownext] with ahypertext link inside which uses-?command=search&[searchstring]...and passwerd is in the [searchstring] because I passed it along with the other hidden inputs when the usersubmit his form-based search, then aren't I asking for problems if I have allowed illegal URL chars inpasswerd? Assuming I need to allow non-URL chars there, then wouldn't I need to wrap [searchstring] with [URL]?Thanks for your time!:-)-John>>> No, you should only [url] stuff that's going INTO a database -- you don't have to [url] it on the way out ...-------------------------------------------------------------Brought to you by CommuniGate Pro - The Buzz Word Compliant Messaging Server.To end your Mail problems go to .This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to
Associated Messages, from the most recent to the oldest:
>So then I guess this implies that an email address can never contain an & char?And while we're on this topic, I want to ask more questions to understand more deeply...I have a db that stores user input account data. I give them the chance to 'login'.On the next page I search the db using their name and passwerd (which they just input)-[Search db=some.db&eqAccountNumdatarq=[AccountNum]&eqPasswerddatarq=[url][Passwerd][/URL]&max=1]so here's a case of where you would say I DO NOT need to [url]ize the passwerd since it is coming out of thedb (rather than going in)??But what if I haven't taken steps to prevent the user from using an & in his passwerd? If there was a & inthere, wouldn't that break the search?And if after logging in, I gave him the chance to do a different search on the db (via form; , etc.) and on the next results page I have a [shownext] with ahypertext link inside which uses-?command=search&[searchstring]...and passwerd is in the [searchstring] because I passed it along with the other hidden inputs when the usersubmit his form-based search, then aren't I asking for problems if I have allowed illegal URL chars inpasswerd? Assuming I need to allow non-URL chars there, then wouldn't I need to wrap [searchstring] with [url]?Thanks for your time!:-)-John>>> No, you should only [url] stuff that's going INTO a database -- you don't have to [url] it on the way out ...-------------------------------------------------------------Brought to you by CommuniGate Pro - The Buzz Word Compliant Messaging Server.To end your Mail problems go to .This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to John Butler
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...