Global variables are not always global ...

This WebDNA talk-list message is from

2000


It keeps the original formatting.
numero = 32857
interpreted = N
texte = >Under existing 3.x sites, I can override _system variables_ like >[IPADDRESS] by simply adding &ipaddress=192.168.000.001 to the command >line. That is a big security hole, now plugged in 4.x.That's right, this has been fixed now. So no matter which variable hierarchy you wish to use, the fact is, these system variables (SM calls them global variables) cannot be overridden -- except in the context that tries to set them as text or math variables ...That's right, you have to watch out for the bizarre behavior of the text *context* when you use the show=t parameter to display the new text variable value from within the context itself. The same thing occurs in a math context when show=f is not used ...In these situations, webcatalog doesn't care if you use a global variable name for your text variable or not -- it will always display the value you try to assign to that name, rather than displaying the true global variable value.In other words:[text show=t]ipaddress=4[/text]... displays 4, but everyone knows that 4 is not an ip address -- so what's going on here?Obviously it's not doing what we might expect, since global variables are *supposed to* override all other variables having the same name. When the context is followed by the [ipaddress] tag, the tag properly displays the actual ip address, not 4, so at least it looks like the 4 is being overridden later -- I guess that's a 'good thing' ... :) But this surprise behavior in the context itself will probably confuse new users (and some old users) because it is not consistent with the concept of all global variables overriding all text and math variables.Of course it would be nice for SM to make the text context to display the actual ip address here, instead of 4, because then it would be immediately clear that the name ipaddress is a global variable that cannot be overridden.On the other hand, this is probably going to be one of those characteristics that someone with an innovative brain will find a very good use for! So the innovator will end up writing his webdna code so that it relies on this particular behavior in order to do something really cool that no one else has ever thought of ...But will SM come along later and change this behavior? ... thus breaking every template the 'innovator' developed that relied on this behavior?There is no disputing that in the real world, this is exactly how the text context works when show=t is used. The math context does the exact same thing without show=t.But is this behavior a bug? And if not, will it be documented some day ... so we can rest assured that it's going to be something we can rely on in the future? ================================ Kenneth Grome, WebDNA Consultant 808-737-6499 http://webdna.net ================================------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: Global variables are not always global ... (Kenneth Grome 2000)
  2. Re: Global variables are not always global ... (WebDNA Support 2000)
  3. Global variables are not always global ... (Kenneth Grome 2000)
>Under existing 3.x sites, I can override _system variables_ like >[ipaddress] by simply adding &ipaddress=192.168.000.001 to the command >line. That is a big security hole, now plugged in 4.x.That's right, this has been fixed now. So no matter which variable hierarchy you wish to use, the fact is, these system variables (SM calls them global variables) cannot be overridden -- except in the context that tries to set them as text or math variables ...That's right, you have to watch out for the bizarre behavior of the text *context* when you use the show=t parameter to display the new text variable value from within the context itself. The same thing occurs in a math context when show=f is not used ...In these situations, webcatalog doesn't care if you use a global variable name for your text variable or not -- it will always display the value you try to assign to that name, rather than displaying the true global variable value.In other words:[text show=t]ipaddress=4[/text]... displays 4, but everyone knows that 4 is not an ip address -- so what's going on here?Obviously it's not doing what we might expect, since global variables are *supposed to* override all other variables having the same name. When the context is followed by the [ipaddress] tag, the tag properly displays the actual ip address, not 4, so at least it looks like the 4 is being overridden later -- I guess that's a 'good thing' ... :) But this surprise behavior in the context itself will probably confuse new users (and some old users) because it is not consistent with the concept of all global variables overriding all text and math variables.Of course it would be nice for SM to make the text context to display the actual ip address here, instead of 4, because then it would be immediately clear that the name ipaddress is a global variable that cannot be overridden.On the other hand, this is probably going to be one of those characteristics that someone with an innovative brain will find a very good use for! So the innovator will end up writing his webdna code so that it relies on this particular behavior in order to do something really cool that no one else has ever thought of ...But will SM come along later and change this behavior? ... thus breaking every template the 'innovator' developed that relied on this behavior?There is no disputing that in the real world, this is exactly how the text context works when show=t is used. The math context does the exact same thing without show=t.But is this behavior a bug? And if not, will it be documented some day ... so we can rest assured that it's going to be something we can rely on in the future? ================================ Kenneth Grome, WebDNA Consultant 808-737-6499 http://webdna.net ================================------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Kenneth Grome

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

taxRate is fine but taxTotal isn't (1997) Multi Actions (1999) Converting Quotes in Javascript (2001) [WebDNA] WebDNA on Linux (2009) search problem (2002) Help formatting search results w/ table (1997) Hiding HTML and page breaks (1997) RE: Questions To Answer (1997) Email within tmpl ? (1997) Fwd: HTML encoding in URLs (1997) searches with dash, period etc. (2000) relogin same user? (1998) Recursive includes (1998) Re:2nd WebCatalog2 Feature Request (1996) Re:Off Topic (Help!!!! w/Webstar) (1999) unable to launch acgi in WebCat (1997) Search problem C++ (2000) [TaxTotal] (1998) flushing databases (2003) woops - speed results - right subject (2002)