[listfiles] anomaly

This WebDNA talk-list message is from

2003


It keeps the original formatting.
numero = 50120
interpreted = N
texte = Couldn't figure out whether to label this an exploit, bug, oversight or what... so I settled on anomaly.Put this in a template:[listfiles] [filename] [/listfiles]And you will get a list of the files in your WebSTAR root folder. It doesn't matter where on your server you put the template, you will always get a list of files in the W* root.Clearly, there is some coder error here as I left out the required path= parameter. But since the docs clearly say that path= is a required parameter, shouldn't WebCat protect me from myself when I don't include a required parameter?I'm using w*4/macos9/wcat4.5, but what happens if a v5 sandbox user leaves out the required parameter? Do they get access to stuff they shouldn't?~joe -- ____________________________________________________________ Joseph D'Andrea ~ http://www.west21.com/ ~ JoeDan@West21.com WEST21.com Internet services for the 21st Century webhosting ~ co-location ~ wireless access WebCat and MGI database programming ____________________________________________________________------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: [listfiles] anomaly (Rob Marquardt 2003)
  2. Re: [listfiles] anomaly (Gary Krockover 2003)
  3. Re: [listfiles] anomaly (Daniel Schutzsmith 2003)
  4. [listfiles] anomaly (Joe D'Andrea 2003)
Couldn't figure out whether to label this an exploit, bug, oversight or what... so I settled on anomaly.Put this in a template:[listfiles] [filename] [/listfiles]And you will get a list of the files in your WebSTAR root folder. It doesn't matter where on your server you put the template, you will always get a list of files in the W* root.Clearly, there is some coder error here as I left out the required path= parameter. But since the docs clearly say that path= is a required parameter, shouldn't WebCat protect me from myself when I don't include a required parameter?I'm using w*4/macos9/wcat4.5, but what happens if a v5 sandbox user leaves out the required parameter? Do they get access to stuff they shouldn't?~joe -- ____________________________________________________________ Joseph D'Andrea ~ http://www.west21.com/ ~ JoeDan@West21.com WEST21.com Internet services for the 21st Century webhosting ~ co-location ~ wireless access WebCat and MGI database programming ____________________________________________________________------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Joe D'Andrea

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

What is WebDNA (1997) Running 2 two WebCatalog.acgi's (1996) Too many lines too add in one go (2003) Submitting ampersands in forms... (1998) [ShowNext] feature in 2.0 (1997) two unique banners on one page (1997) NT version and O'reily's WebSite (1997) Re:emailer 150 (1997) Upgrading old WebCat Database Files (1997) Resume Catalog ? (1997) problems with 2 tags shakur (1997) Just Testing (1997) WCS Newbie question (1997) setting taxable to true (1997) [WebDNA] Sorting -- Dealing with Blanks (2008) Is there a way to just get to the last record in the database? (1997) Size limit for tmpl editor ? (1997) Trouble with formula.db + more explanation (1997) Searching Multiple DBs (1997) Country & Ship-to address & other fields ? (1997)