Re: Restricting templates from causing havoc

This WebDNA talk-list message is from

2000


It keeps the original formatting.
numero = 35616
interpreted = N
texte = I don't understand what you mean by change file names. I have folders with 1 .tpl file of my own making. In that folder clients are permitted to upload graphics for conversion, they upload their graphic (all types not just .jpg & .gifs) and hopefully logout. Right now I'm tempted to rename all my templates .asp and leave out to confuse th would be hacker. I just thought there might be a more secure way.You would think that it would be possible to make the templates password protected, much like the Price Change Password in the order file.By placing [PROCESS PASSWORD=MYPASSWORD] at the top or each .tpl , if the password isn't correct the web server returns the error page.Sound like something fairly simple.Maybe in a future version?????? Kenneth Grome wrote:> You change the file names of html or tpl files to prevent them from > being interpreted by webcatalog., and you leave gif and jpg file > names alone. > > >My clients are using http (webstar upload) to upload. I don't see > >any difference > >between ftp and http upload. They both have the abililty to upload .tpl's > > > >WebDNA Support wrote: > > > >> >Does anyone know a way keep apple script/ and web catalog from deleting > >> >files or causding havoc if someone were to upload a homemade template. > >> >Is there a way to password protect templates so they only excute if the > >> >password is in the template itself. > >> > >> Not per se. The solution right now is to prevent people from > >> uploading WebDNA at all. For instance, under StoreBuilder 4.0, one > >> can build a complete sophisticated storefront without needing ftp > >> access (graphic uploads are done thru HTTP upload), so by eliminating > >> ftp (or any arbitrary WebDNA) entirely we can prevent havoc. > >> > >> -- > >> Technical Support ********************************** > >> Smith Micro, Internet Solutions Div | eCommerce (WebCatalog) > >> 16855 West Bernardo Drive, #380 | ------------------------- > >> San Diego, CA 92127 | Software & Site Development > >> WebCatalog Support: (858) 675-0632 | http://www.smithmicro.com > >> Fax: (858) 675-0372 ********************************** > >> > >> ------------------------------------------------------------- > >> This message is sent to you because you are subscribed to > >> the mailing list . > >> To unsubscribe, E-mail to: > >> To switch to the DIGEST mode, E-mail to > >> > >> Web Archive of this list is at: http://search.smithmicro.com/ > > > >-- > >Marc Malacarme > >Lauren Stomel Advertising > >1-310-451-5114 > > > > > > > >------------------------------------------------------------- > >This message is sent to you because you are subscribed to > > the mailing list . > >To unsubscribe, E-mail to: > >To switch to the DIGEST mode, E-mail to > > > >Web Archive of this list is at: http://search.smithmicro.com/ > > ================================ > Kenneth Grome, WebDNA Consultant > 808-737-6499 http://webdna.net > ================================ > > ------------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > Web Archive of this list is at: http://search.smithmicro.com/-- Marc Malacarme Lauren Stomel Advertising 1-310-451-5114------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: Restricting templates from causing havoc (WebDNA Support 2000)
  2. Re: Restricting templates from causing havoc (Marc 2000)
  3. Re: Restricting templates from causing havoc (WebDNA Support 2000)
  4. Re: Restricting templates from causing havoc (Kenneth Grome 2000)
  5. Re: Restricting templates from causing havoc (Marc 2000)
  6. Re: Restricting templates from causing havoc (WebDNA Support 2000)
  7. Restricting templates from causing havoc (Marc 2000)
I don't understand what you mean by change file names. I have folders with 1 .tpl file of my own making. In that folder clients are permitted to upload graphics for conversion, they upload their graphic (all types not just .jpg & .gifs) and hopefully logout. Right now I'm tempted to rename all my templates .asp and leave out to confuse th would be hacker. I just thought there might be a more secure way.You would think that it would be possible to make the templates password protected, much like the Price Change Password in the order file.By placing [PROCESS PASSWORD=MYPASSWORD] at the top or each .tpl , if the password isn't correct the web server returns the error page.Sound like something fairly simple.Maybe in a future version?????? Kenneth Grome wrote:> You change the file names of html or tpl files to prevent them from > being interpreted by webcatalog., and you leave gif and jpg file > names alone. > > >My clients are using http (webstar upload) to upload. I don't see > >any difference > >between ftp and http upload. They both have the abililty to upload .tpl's > > > >WebDNA Support wrote: > > > >> >Does anyone know a way keep apple script/ and web catalog from deleting > >> >files or causding havoc if someone were to upload a homemade template. > >> >Is there a way to password protect templates so they only excute if the > >> >password is in the template itself. > >> > >> Not per se. The solution right now is to prevent people from > >> uploading WebDNA at all. For instance, under StoreBuilder 4.0, one > >> can build a complete sophisticated storefront without needing ftp > >> access (graphic uploads are done thru HTTP upload), so by eliminating > >> ftp (or any arbitrary WebDNA) entirely we can prevent havoc. > >> > >> -- > >> Technical Support ********************************** > >> Smith Micro, Internet Solutions Div | eCommerce (WebCatalog) > >> 16855 West Bernardo Drive, #380 | ------------------------- > >> San Diego, CA 92127 | Software & Site Development > >> WebCatalog Support: (858) 675-0632 | http://www.smithmicro.com > >> Fax: (858) 675-0372 ********************************** > >> > >> ------------------------------------------------------------- > >> This message is sent to you because you are subscribed to > >> the mailing list . > >> To unsubscribe, E-mail to: > >> To switch to the DIGEST mode, E-mail to > >> > >> Web Archive of this list is at: http://search.smithmicro.com/ > > > >-- > >Marc Malacarme > >Lauren Stomel Advertising > >1-310-451-5114 > > > > > > > >------------------------------------------------------------- > >This message is sent to you because you are subscribed to > > the mailing list . > >To unsubscribe, E-mail to: > >To switch to the DIGEST mode, E-mail to > > > >Web Archive of this list is at: http://search.smithmicro.com/ > > ================================ > Kenneth Grome, WebDNA Consultant > 808-737-6499 http://webdna.net > ================================ > > ------------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > Web Archive of this list is at: http://search.smithmicro.com/-- Marc Malacarme Lauren Stomel Advertising 1-310-451-5114------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Marc

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Upgrade to 3.07 problems (2000) WebCat2b13MacPlugin - [math][date][/math] problem (1997) WebCatalog can't find database (1997) If Empty ? (1997) What ports does Webcatalog use (2003) Same DB Same Time (2004) Dates - Search and Sorting (1999) Catalog Design (1999) starting news site + small store (2000) [WebDNA] Processor Maxing out (2010) ShowNext for method=POST (1997) Beta version-Mac? (was Emailer update for Mac?) (1998) Snake Bites (1997) Trouble with formula.db (1997) redirect from the errorsMessages.db entry (1997) rotating thumbnails (1997) [WebDNA] Another strange WebDNA problem (2013) Bug or syntax error on my part? (1997) Time Tracking (2003) FW: weird problem (2004)