Re: where to put code
This WebDNA talk-list message is from 1998
It keeps the original formatting.
numero = 19326
interpreted = N
texte = >I personally prefer to use the context method on resulting pages. There I>can see the code at once, which makes it easier to understand. Anyway - I>do not like these long ugly URL's... And if one uses Replace or Delete>in a link, then this command has to be allowed for user input and therefore>some funny guy can destroy the database by simply playing with the URL.>There can be situation when commands in th URL make sense, but my personal>recommendation is to use contexts like [search...] on the target page>whenever you can.I agree. I do so myself. I have gone so far as disabling ALL URL commands except for ShowPage, and added a WebStar Realm with a .db match string for even more security.Of course that this has forced me to change a lot of code in the General Store, but I feel much safer this way...Now, if I could only disable certain commands, like [AppleScript], I would be happier still.Charles_______________________________________________________________Institut Balear de Comunicacions, S.L.Gremio Tejedores 22, 107009 Palma de Mallorca, Spain_____________________________________________Tel: +34 971.43.12.77Fax: +34 971.43.08.18 E-mail: ckefauver@ibacom.esURL: http://www.ibacom.es/_____________________________________________Public PGP signature (Clave publica PGP):http://www.ibacom.es/PGP/kefauver.txt_______________________________________________________________
Associated Messages, from the most recent to the oldest:
>I personally prefer to use the context method on resulting pages. There I>can see the code at once, which makes it easier to understand. Anyway - I>do not like these long ugly URL's... And if one uses Replace or Delete>in a link, then this command has to be allowed for user input and therefore>some funny guy can destroy the database by simply playing with the URL.>There can be situation when commands in th URL make sense, but my personal>recommendation is to use contexts like [search...] on the target page>whenever you can.I agree. I do so myself. I have gone so far as disabling ALL URL commands except for ShowPage, and added a WebStar Realm with a .db match string for even more security.Of course that this has forced me to change a lot of code in the General Store, but I feel much safer this way...Now, if I could only disable certain commands, like [AppleScript], I would be happier still.Charles_______________________________________________________________Institut Balear de Comunicacions, S.L.Gremio Tejedores 22, 107009 Palma de Mallorca, Spain_____________________________________________Tel: +34 971.43.12.77Fax: +34 971.43.08.18 E-mail: ckefauver@ibacom.esURL: http://www.ibacom.es/_____________________________________________Public PGP signature (Clave publica PGP):http://www.ibacom.es/PGP/kefauver.txt_______________________________________________________________
Charles Kefauver
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
switching users (1998)
Item counting? (1998)
Safe command=append (1999)
cart converting to scientific notation format (2001)
Server Freeze...not always (1998)
Fun with Dates - finally resolved but.... (1997)
Search (1997)
[Fwd: Rotating Banners ... (was LinkExchange)] (1997)
carriage returns in data (1997)
How to implement 'email to a friend' feature? (2002)
Looking for a Webcat developer based in the Netherlands (2000)
Newbie problem blah blah blah (1997)
off topic fetch vs PCS photomaster (1997)
Cookie still not working (1999)
emailer settings and control questions (1997)
[WebDNA] exemple of [arrayset] & [arrayget] (2012)
Payments -> Bank Accounts (2005)
last word listed (2000)
Search returns all, not 20 (1997)
anyone using Webcat 4.x in production? (2000)