Re: where to put code

This WebDNA talk-list message is from

1998


It keeps the original formatting.
numero = 19326
interpreted = N
texte = >I personally prefer to use the context method on resulting pages. There I >can see the code at once, which makes it easier to understand. Anyway - I >do not like these long ugly URL's... And if one uses Replace or Delete >in a link, then this command has to be allowed for user input and therefore >some funny guy can destroy the database by simply playing with the URL. >There can be situation when commands in th URL make sense, but my personal >recommendation is to use contexts like [search...] on the target page >whenever you can.I agree. I do so myself. I have gone so far as disabling ALL URL commands except for ShowPage, and added a WebStar Realm with a .db match string for even more security.Of course that this has forced me to change a lot of code in the General Store, but I feel much safer this way...Now, if I could only disable certain commands, like [AppleScript], I would be happier still.Charles_______________________________________________________________ Institut Balear de Comunicacions, S.L. Gremio Tejedores 22, 1 07009 Palma de Mallorca, Spain _____________________________________________ Tel: +34 971.43.12.77 Fax: +34 971.43.08.18 E-mail: ckefauver@ibacom.es URL: http://www.ibacom.es/ _____________________________________________ Public PGP signature (Clave publica PGP): http://www.ibacom.es/PGP/kefauver.txt _______________________________________________________________ Associated Messages, from the most recent to the oldest:

    
  1. Re: where to put code (Paul Uttermohlen 1998)
  2. Re: where to put code (Charles Kefauver 1998)
  3. Re: where to put code (Dave MacLeay 1998)
  4. Re: where to put code (Peter Ostry 1998)
  5. Re: where to put code (Charles Kefauver 1998)
  6. Re: where to put code (Kenneth Grome 1998)
  7. Re: where to put code (Kenneth Grome 1998)
  8. Re: where to put code (Kevin Furuta 1998)
  9. Re: where to put code (John Hill 1998)
  10. Re: where to put code (Sue Ann Sanders 1998)
  11. Re: where to put code (Sue Ann Sanders 1998)
  12. Re: where to put code (Peter Ostry 1998)
  13. Re: where to put code (Kenneth Grome 1998)
  14. where to put code (Sue Ann Sanders 1998)
>I personally prefer to use the context method on resulting pages. There I >can see the code at once, which makes it easier to understand. Anyway - I >do not like these long ugly URL's... And if one uses Replace or Delete >in a link, then this command has to be allowed for user input and therefore >some funny guy can destroy the database by simply playing with the URL. >There can be situation when commands in th URL make sense, but my personal >recommendation is to use contexts like [search...] on the target page >whenever you can.I agree. I do so myself. I have gone so far as disabling ALL URL commands except for ShowPage, and added a WebStar Realm with a .db match string for even more security.Of course that this has forced me to change a lot of code in the General Store, but I feel much safer this way...Now, if I could only disable certain commands, like [AppleScript], I would be happier still.Charles_______________________________________________________________ Institut Balear de Comunicacions, S.L. Gremio Tejedores 22, 1 07009 Palma de Mallorca, Spain _____________________________________________ Tel: +34 971.43.12.77 Fax: +34 971.43.08.18 E-mail: ckefauver@ibacom.es URL: http://www.ibacom.es/ _____________________________________________ Public PGP signature (Clave publica PGP): http://www.ibacom.es/PGP/kefauver.txt _______________________________________________________________ Charles Kefauver

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

switching users (1998) Item counting? (1998) Safe command=append (1999) cart converting to scientific notation format (2001) Server Freeze...not always (1998) Fun with Dates - finally resolved but.... (1997) Search (1997) [Fwd: Rotating Banners ... (was LinkExchange)] (1997) carriage returns in data (1997) How to implement 'email to a friend' feature? (2002) Looking for a Webcat developer based in the Netherlands (2000) Newbie problem blah blah blah (1997) off topic fetch vs PCS photomaster (1997) Cookie still not working (1999) emailer settings and control questions (1997) [WebDNA] exemple of [arrayset] & [arrayget] (2012) Payments -> Bank Accounts (2005) last word listed (2000) Search returns all, not 20 (1997) anyone using Webcat 4.x in production? (2000)