Re: Google MAP URLs

This WebDNA talk-list message is from

2006


It keeps the original formatting.
numero = 67487
interpreted = N
texte = To follow up on John's suggestion, [url] wrap any data going into a search or being used as a parameter for a context or command. This prevents passed ampersands from interrupting the webdna code. [input] wrap any data going between quotes or in a textarea. This prevents characters from ending an html parameter or putting odd data in a textarea. [convertchars] wrap any user data being shown on the page. This prevents XSS (I think). That should solve many problems. Bill -----Original Message----- From: John Peacock Sent: Fri, 16 Jun 2006 13:05:31 -0400 To: "WebDNA Talk" Subject: Re: Google MAP URLs Nick Griffie wrote: > Here's the db code. > > [replace > db=../db/article.db&eqaskudata=[asku]&alink1=[alink1][/replace] [replace db=../db/article.db&eqaskudata=[asku]&alink1=[url][alink1][/url][/replace] It is almost always appropriate to wrap any user-entered field in [url] when storing something in a database. John -- John Peacock Director of Information Research and Technology Rowman & Littlefield Publishing Group 4501 Forbes Boulevard Suite H Lanham, MD 20706 301-459-3366 x.5010 fax 301-429-5748 ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: Google MAP URLs ( devaulw@onebox.com 2006)
  2. Re: Google MAP URLs ( John Peacock 2006)
  3. Re: Google MAP URLs ( "Nick Griffie" 2006)
  4. Re: Google MAP URLs ( John Peacock 2006)
  5. Re: Google MAP URLs ( "Nick Griffie" 2006)
  6. Re: Google MAP URLs ( John Peacock 2006)
  7. Google MAP URLs ( "Nick Griffie" 2006)
To follow up on John's suggestion, [url] wrap any data going into a search or being used as a parameter for a context or command. This prevents passed ampersands from interrupting the webdna code. [input] wrap any data going between quotes or in a textarea. This prevents characters from ending an html parameter or putting odd data in a textarea. [convertchars] wrap any user data being shown on the page. This prevents XSS (I think). That should solve many problems. Bill -----Original Message----- From: John Peacock Sent: Fri, 16 Jun 2006 13:05:31 -0400 To: "WebDNA Talk" Subject: Re: Google MAP URLs Nick Griffie wrote: > Here's the db code. > > [replace > db=../db/article.db&eqaskudata=[asku]&alink1=[alink1][/replace] [replace db=../db/article.db&eqaskudata=[asku]&alink1=[url][alink1][/url][/replace] It is almost always appropriate to wrap any user-entered field in [url] when storing something in a database. John -- John Peacock Director of Information Research and Technology Rowman & Littlefield Publishing Group 4501 Forbes Boulevard Suite H Lanham, MD 20706 301-459-3366 x.5010 fax 301-429-5748 ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ devaulw@onebox.com

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Wrapping text (1998) protect tag on NT IIS (1997) Showif Context combined with Search (1997) Kaaaaahhhhhhhnnnnnnn! (1997) Separate SSL Server (1997) [WebDNA] Screen Resolution - detection & redirect (2012) Help! WebCat2 bug (1997) Fwd: FW: Purchase Command error (1997) WebDNA's portability (2007) Plugin or CGI or both (1997) Removing [showif] makes a big difference in speed (1997) [SHOWIF] (1997) emailer error -108 (1997) Linebreak as a delimiter in listwords? (2003) can WC render sites out? (1997) Laying an egg. (1998) PhotoMill -> PhotoMaster (1997) Limiting user access to .tmpl files (1997) Running _every_ page through WebCat-error.html (1997) RE: Clearing orders and database help! (1997)