Re: secret [cmd] variable?

This WebDNA talk-list message is from

2004


It keeps the original formatting.
numero = 59957
interpreted = N
texte = Cmd is short for command. If you look in the WebCat Admin, there is a section that says Only the following commands may be issued by non-administrators ShowPage, Search, FlushCache, ShowCart, Add, Remove, NewCart, Purchase, NewCartSearch, Clear That is why you get the Authentication Box. If all commands are allowed, someone could issue the delete command on one of your databases and wipe it out right from the browser. They would have to know where it was located and the name of the db but that would not be hard to figure out in a StoreBuilder site. Sal D'Anna -----Original Message----- From: WebDNA Talk [mailto:WebDNA-Talk@talk.smithmicro.com] On Behalf Of Terry Wilson Sent: Tuesday, November 09, 2004 11:11 AM To: WebDNA Talk Subject: secret [cmd] variable? I stumbled upon something rather interesting today. In trying to test the results in a PayPal submit/return form without actually submitting to PayPal, I changed the form tag to go to my landing page instead of PayPal. I kept getting a browser authentication box, and narrowed it down to: I ran some experiments, and if its value is "T" or "F", you get a "Webcat doesn't understand the command "T" (or "F"). Anything else I tried throws up the authentication box (and BTW I don't have any realm protection on that directory). What's up with this secret variable name? Terry ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: secret [cmd] variable? ( Terry Wilson 2004)
  2. Re: secret [cmd] variable? ( Kenneth Grome 2004)
  3. Re: secret [cmd] variable? ( "Sal D'Anna" 2004)
  4. Re: secret [cmd] variable? ( "WebDna @ Inkblot Media" 2004)
  5. secret [cmd] variable? ( Terry Wilson 2004)
Cmd is short for command. If you look in the WebCat Admin, there is a section that says Only the following commands may be issued by non-administrators ShowPage, Search, FlushCache, ShowCart, Add, Remove, NewCart, Purchase, NewCartSearch, Clear That is why you get the Authentication Box. If all commands are allowed, someone could issue the delete command on one of your databases and wipe it out right from the browser. They would have to know where it was located and the name of the db but that would not be hard to figure out in a StoreBuilder site. Sal D'Anna -----Original Message----- From: WebDNA Talk [mailto:WebDNA-Talk@talk.smithmicro.com] On Behalf Of Terry Wilson Sent: Tuesday, November 09, 2004 11:11 AM To: WebDNA Talk Subject: secret [cmd] variable? I stumbled upon something rather interesting today. In trying to test the results in a PayPal submit/return form without actually submitting to PayPal, I changed the form tag to go to my landing page instead of PayPal. I kept getting a browser authentication box, and narrowed it down to: I ran some experiments, and if its value is "T" or "F", you get a "Webcat doesn't understand the command "T" (or "F"). Anything else I tried throws up the authentication box (and BTW I don't have any realm protection on that directory). What's up with this secret variable name? Terry ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ "Sal D'Anna"

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Dealing with da back button (1999) Search in 2 or more catalogs (1997) hmmm (2006) TCPConnect to query for Domain expiration (2000) Trouble with [Math] (1998) transferring values (1998) Only charge card when product shipped ? (1997) [convertchars] HELP!!! (1999) Multipart Form - Ascertain File Type (2007) WebCatalog on G3 Macs? (1997) bug ? causes NT event log to fill (1997) Serving images from databases (1998) [WebDNA] Conditional search (2009) Next (1997) Undocumented tags and contexts (2000) Assign Variable Value (1998) Grep Question - SOLVED (2003) Cart Number Propagation (1997) quantity minimum problem (1997) Order not created error (never mind) (1997)