Re[2]: Hierarchy of form/text/math variables

This WebDNA talk-list message is from

2000


It keeps the original formatting.
numero = 31200
interpreted = N
texte = At 12:09 PM 5/1/00, jpeacock@univpress.com wrote: >No, I strongly disagree. I could see a keep things insecure and weak switch >in the Preferences, but this would make the WebCat program itself highly >complicated and cause more bugs than anything else. I would rather >not upgrade >or (more likely) rewrite all of my code, rather than keep the lax >security model >any longer.Why can't/won't you use John Butler's very simple and easily implemented scheme to protect the variables that you don't won't to allow to be changed from a form submission?> When I depend on variables to be secure, I run a routine at the top of the > page similar to this: > [formvariables] > [showif [name]^SecureUser,IsValidAccount,IsAdmin] > [authenticate Futile Hacker] > [/showif] > [/formvariables] > That is what major releases are all about; change happens, >especially in this industry, deal with it or get into another line of work.Changes shouldn't break existing code that is based on published specs.___Joe___############################################################# This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to To switch to the INDEX mode, E-mail to Send administrative queries to Associated Messages, from the most recent to the oldest:

    
  1. Re[2]: Hierarchy of form/text/math variables (Joseph D'Andrea 2000)
  2. Re[2]: Hierarchy of form/text/math variables (jpeacock@univpress.com 2000)
At 12:09 PM 5/1/00, jpeacock@univpress.com wrote: >No, I strongly disagree. I could see a keep things insecure and weak switch >in the Preferences, but this would make the WebCat program itself highly >complicated and cause more bugs than anything else. I would rather >not upgrade >or (more likely) rewrite all of my code, rather than keep the lax >security model >any longer.Why can't/won't you use John Butler's very simple and easily implemented scheme to protect the variables that you don't won't to allow to be changed from a form submission?> When I depend on variables to be secure, I run a routine at the top of the > page similar to this: > [formvariables] > [showif [name]^SecureUser,IsValidAccount,IsAdmin] > [authenticate Futile Hacker] > [/showif] > [/formvariables] > That is what major releases are all about; change happens, >especially in this industry, deal with it or get into another line of work.Changes shouldn't break existing code that is based on published specs.___Joe___############################################################# This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to To switch to the INDEX mode, E-mail to Send administrative queries to Joseph D'Andrea

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

[WebDNA] WebDNA to Text Messge (2013) Separate SSL Server (1997) ftp to webstar (2001) Problems passing [SKU] with $Replace in 2.0 (1997) "top" Clarification ( for apache ) (2008) WebCat2b13 Mac plugin - [sendmail] and checkboxes (1997) [sendmail] questions... (1997) Customer - again (1998) [AppendFile] problem (WebCat2b13 Mac .acgi) (1997) Can WebDNA do this? (2000) Interfacing WebMerchant to www.fedex.com (1997) carts on MacOS X Server (2000) Search (1997) sendmail and accented characters (1998) [delete] problem (1997) New Command prefs ... (1997) Where has WebDNA shown up in your life? (2003) webmerch and serials - almost there (1997) WebCat2.0 [format thousands .0f] no go (1997) emailer (1997)