Re: Re[2]: Re[3]: Problem with new formvariables

This WebDNA talk-list message is from

2000


It keeps the original formatting.
numero = 31221
interpreted = N
texte = Then we should use this hierarchy: - WebCatalog Internal Variables (i.e. [ipaddress]) - Text Secure [text] Variables - Passed Variables (i.e. [cart]) - Normal [text] Variables? Jesse Proudman - NineWire Productions http://www.ninewire.com <-> jesse@ninewire.com Innovative and Creative Web Design and Hosting> -----Original Message----- > From: webcatalog-beta@talk.smithmicro.com > [mailto:webcatalog-beta@talk.smithmicro.com]On Behalf Of > jpeacock@univpress.com > Sent: Tuesday, May 02, 2000 12:20 PM > To: webcatalog-beta@talk.smithmicro.com > Subject: Re[2]: Re[3]: Problem with new formvariables > > > Jesse - > > The only sensible level of security is one that you have to > explicitly _opt out > of_, not remember to enable. And the discussion at hand is not whether > variables defined within a template could be locked, but rather whether > variables passed as part of the command line could override > variables on the > template. > > i.e. index.shtml?ipaddress=10.0.0.1 > > currently overrides the system variable [ipaddress], which is > _highly_ insecure. > This can be rightly considered to be a bugfix, not an upgrade. > > John Peacock > > > ____________________Reply Separator____________________ > Subject: Re: Re[3]: Problem with new formvariables > Author: > Date: 5/2/2000 11:02 AM > > Are you saying that if you had: > > [text secure=t]SecureVar=T[/text] > [text]Securevar=f[/text] > > that the value would get to F? but it would be secure. > > The only way to change secure vars should be: > > [text secure=t]securevar=t[/text] > [text secure=t]securevar=f[/text] > > > Jesse Proudman - NineWire Productions > http://www.ninewire.com <-> jesse@ninewire.com > Innovative and Creative Web Design and Hosting > > > ############################################################# > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > > To switch to the INDEX mode, E-mail to > > Send administrative queries to > > ############################################################# This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to To switch to the INDEX mode, E-mail to Send administrative queries to Associated Messages, from the most recent to the oldest:

    
  1. Re[2]: Re[3]: Problem with new formvariables (jpeacock@univpress.com 2000)
  2. Re[2]: Re[3]: Problem with new formvariables (jpeacock@univpress.com 2000)
  3. Re: Re[2]: Re[3]: Problem with new formvariables (Jesse Proudman 2000)
Then we should use this hierarchy: - WebCatalog Internal Variables (i.e. [ipaddress]) - Text Secure [text] Variables - Passed Variables (i.e. [cart]) - Normal [text] Variables? Jesse Proudman - NineWire Productions http://www.ninewire.com <-> jesse@ninewire.com Innovative and Creative Web Design and Hosting> -----Original Message----- > From: webcatalog-beta@talk.smithmicro.com > [mailto:webcatalog-beta@talk.smithmicro.com]On Behalf Of > jpeacock@univpress.com > Sent: Tuesday, May 02, 2000 12:20 PM > To: webcatalog-beta@talk.smithmicro.com > Subject: Re[2]: Re[3]: Problem with new formvariables > > > Jesse - > > The only sensible level of security is one that you have to > explicitly _opt out > of_, not remember to enable. And the discussion at hand is not whether > variables defined within a template could be locked, but rather whether > variables passed as part of the command line could override > variables on the > template. > > i.e. index.shtml?ipaddress=10.0.0.1 > > currently overrides the system variable [ipaddress], which is > _highly_ insecure. > This can be rightly considered to be a bugfix, not an upgrade. > > John Peacock > > > ____________________Reply Separator____________________ > Subject: Re: Re[3]: Problem with new formvariables > Author: > Date: 5/2/2000 11:02 AM > > Are you saying that if you had: > > [text secure=t]SecureVar=T[/text] > [text]Securevar=f[/text] > > that the value would get to F? but it would be secure. > > The only way to change secure vars should be: > > [text secure=t]securevar=t[/text] > [text secure=t]securevar=f[/text] > > > Jesse Proudman - NineWire Productions > http://www.ninewire.com <-> jesse@ninewire.com > Innovative and Creative Web Design and Hosting > > > ############################################################# > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > > To switch to the INDEX mode, E-mail to > > Send administrative queries to > > ############################################################# This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to To switch to the INDEX mode, E-mail to Send administrative queries to Jesse Proudman

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

sandbox is hogging 99% cpu cycles (2004) shownext problems (1998) groups and [ShowNext] (1997) WebCatalog [FoundItems] Problem - LONG - (1997) serial number dishing (1997) Runtime version ... (2003) forming a SKU (1999) Nesting format tags (1997) [shownext] stumps me every 3-4 months !@%*#! (2000) [UPPERCASE] (1997) tcpconnect/tcpsend frustrations (2002) Fwd: Problem with order (1998) Smith Micro - no competition (2000) WebCat2b14MacPlugIn - [include] doesn't hide the search string (1997) Running _every_ page through WebCat ? (1997) [if] and [showif] - A solution (2002) Xserve Recommendations (2003) Dark Horse Comics success story (1997) [WebDNA] [BULK] search tag just not working (2012) Blank orders after update to 5.1 (2003)