Re: [WebDNA] Search on a database

This WebDNA talk-list message is from

2012

It keeps the original formatting. numero = 108773
interpreted = N
texte = ---1183615881-701178929-1330823878=:24135Content-Type: text/plain; charset=us-asciiOk.The code change below worked, and when I opened the admin pagehttp://www.hydrozone-pro.com/quizForm/admin2.tpl to view the database entries, I got an alert box with the following message:"You don't want users adding (non-whitelisted) HTML to data that appears on a page. My example is harmless, but might have been malicious. Google 'XSS'.This brings up 2 more questions:1. I'm assuming that since you were able to program an alert box to open, a malicious programmer could cause harm to my local machine when I open the page. Could damage also be done to the server on which this page resides?2. I have already wrapped the variables coming from the survey in [url][/url] tags. Do I wrap the variables like this?: [removehtml][url]...[/url][/removehtml]. Lori________________________________From: Govinda To: talk@webdna.usSent: Sat, March 3, 2012 4:50:36 PMSubject: Re: [WebDNA] Search on a database> The page took a really long time to load.I noticed that too. > But I wasn't able to view what you entered because the top link in >seeSurveyResponses.dna is yesterday's date, not today's. So if I took a stab at >how to alter your code below to have today's date appear on the link list, I >would change the following:> > Change>

> [loop start=1&end=10&advance=1]> > To>
> [loop start=0&end=10&advance=1]yes try that.-G------------------------------------------------------------1183615881-701178929-1330823878=:24135Content-Type: text/html; charset=us-ascii

Ok.
The code change below worked, and when I opened the admin pagehttp://www.hydrozone-pro.com/quizForm/admin2.tpl  to view the database entries, I got an alert box with the following message:
"You don't want users adding (non-whitelisted) HTML to data that appears on a page. My example is harmless, but might have been malicious. Google 'XSS'.


This brings up 2 more questions:
1. I'm assuming that since you were able to program an alert box to open, a malicious programmer could cause harm to my local machine when I open the page. Could damage also be done to the server on which this page resides?
2. I have already wrapped the variables coming from the survey in [url][/url] tags. Do I wrap the variables like this?:


  [removehtml][url]...[/url][/removehtml]. 


Lori










---
From: Govinda <govinda.webdnatalk@gmail.com>
To: talk@webdna.us
Sent: Sat, March 3, 2012 4:50:36 PM
Subject: Re: [WebDNA] Search on a database

> The page took a really long time to load.

I noticed that too. 

> But I wasn't able to view what you entered because the top link in seeSurveyResponses.dna is yesterday's date, not today's. So if I took a stab at how to alter your code below to have today's date appear on the link list, I would change the following:
>
> Change
>            <ul>
>                [loop start=1&end=10&advance=1]
>
> To
>            <ul>
>                [loop start=0&end=10&advance=1]

yes try that.

-G---------------------------------------------------------



---1183615881-701178929-1330823878=:24135-- Associated Messages, from the most recent to the oldest:



Re: [WebDNA] Search on a database (Govinda 2012) Re: [WebDNA] Search on a database (Lori Palmquist 2012) Re: [WebDNA] Search on a database (Govinda 2012) Re: [WebDNA] Search on a database (Lori Palmquist 2012) Re: [WebDNA] Search on a database (Govinda 2012) Re: [WebDNA] Search on a database (Lori Palmquist 2012) Re: [WebDNA] Search on a database (Govinda 2012) Re: [WebDNA] Search on a database (Lori Palmquist 2012) Re: [WebDNA] Search on a database (Govinda 2012) Re: [WebDNA] Search on a database (Lori Palmquist 2012) Re: [WebDNA] Search on a database (Govinda 2012) Re: [WebDNA] Search on a database (Govinda 2012) Re: [WebDNA] Search on a database (Lori Palmquist 2012) Re: [WebDNA] Search on a database (Govinda 2012) Re: [WebDNA] Search on a database (aaronmichaelmusic@gmail.com 2012) [WebDNA] Search on a database (Lori Palmquist 2012)

---1183615881-701178929-1330823878=:24135Content-Type: text/plain; charset=us-asciiOk.The code change below worked, and when I opened the admin pagehttp://www.hydrozone-pro.com/quizForm/admin2.tpl to view the database entries, I got an alert box with the following message:"You don't want users adding (non-whitelisted) HTML to data that appears on a page. My example is harmless, but might have been malicious. Google 'XSS'.This brings up 2 more questions:1. I'm assuming that since you were able to program an alert box to open, a malicious programmer could cause harm to my local machine when I open the page. Could damage also be done to the server on which this page resides?2. I have already wrapped the variables coming from the survey in [url][/url] tags. Do I wrap the variables like this?: [removehtml][url]...[/url][/removehtml]. Lori________________________________From: Govinda To: talk@webdna.usSent: Sat, March 3, 2012 4:50:36 PMSubject: Re: [WebDNA] Search on a database> The page took a really long time to load.I noticed that too. > But I wasn't able to view what you entered because the top link in >seeSurveyResponses.dna is yesterday's date, not today's. So if I took a stab at >how to alter your code below to have today's date appear on the link list, I >would change the following:> > Change>
> [loop start=1&end=10&advance=1]> > To>
> [loop start=0&end=10&advance=1]yes try that.-G------------------------------------------------------------1183615881-701178929-1330823878=:24135Content-Type: text/html; charset=us-ascii

Ok.
The code change below worked, and when I opened the admin pagehttp://www.hydrozone-pro.com/quizForm/admin2.tpl  to view the database entries, I got an alert box with the following message:
"You don't want users adding (non-whitelisted) HTML to data that appears on a page. My example is harmless, but might have been malicious. Google 'XSS'.


This brings up 2 more questions:
1. I'm assuming that since you were able to program an alert box to open, a malicious programmer could cause harm to my local machine when I open the page. Could damage also be done to the server on which this page resides?
2. I have already wrapped the variables coming from the survey in [url][/url] tags. Do I wrap the variables like this?:


  [removehtml][url]...[/url][/removehtml]. 


Lori










---
From: Govinda <govinda.webdnatalk@gmail.com>
To: talk@webdna.us
Sent: Sat, March 3, 2012 4:50:36 PM
Subject: Re: [WebDNA] Search on a database

> The page took a really long time to load.

I noticed that too. 

> But I wasn't able to view what you entered because the top link in seeSurveyResponses.dna is yesterday's date, not today's. So if I took a stab at how to alter your code below to have today's date appear on the link list, I would change the following:
>
> Change
>            <ul>
>                [loop start=1&end=10&advance=1]
>
> To
>            <ul>
>                [loop start=0&end=10&advance=1]

yes try that.

-G---------------------------------------------------------



---1183615881-701178929-1330823878=:24135-- Lori Palmquist


DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List


The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

WebDNA 4.5 (2004) OT: BulkRegister.com (2002) Reversed words (1997) formulas.db ?? (1998) WebCat2b12 - nesting [tags] (1997) counting characters and/or words (1997) ImageMagick (2005) Serving images from databases (1998) using showpage and showcart commands (1996) PR: WebCatalog Affiliates Program Announced -- Share the revenue for promoting WebCatalog (2000) # fields limited? (1997) emailer settings and control questions (1997) japanese characters (1997) Starting Emailer (2005) Interfacing WebMerchant to www.fedex.com (1997) What am I missing (1997) Multiple prices (1997) emailer don't work (1998) Summing fields (1997) Feature req. (2002)