Re: [replace] has protection feature like [delete]?
This WebDNA talk-list message is from 2000
It keeps the original formatting.
numero = 31540
interpreted = N
texte = If you let me admin my own record in the users.db, I can add any group I want to my own 'groups' field, then I can access all [protect]ed pages on the entire site -- whether or not that's what you wanted me to be able to do.The old username/password field stuff is a hold-over from webcat 1.6, and it's no longer considered the best way to secure your db's by any means ... I'm surprised that code was never removed from webcatalog a long time ago ...>otherwise how does one allow differing levels of administrators to >[replace] *only*>their alloted records in a db which is accessed by ALL level of admin?> (ie. prevent them from editing records that do not belong to their >authenticate group?)>>-John>>John Butler wrote:>>> [DELETE db=DatabasePath&eqNAMEdata=Fred]>> ... Note: if the database has username and password fields, then >>the records will not>> be deleted unless the visitor's web browser username/password >>match the record's>> username/password.>>>> is this behaviour also true for the [replace] context? There is >>no mention of it in>> the docs, but it would be nice to have that option so I ask...>>>> -John>>>> ------------------------------------------------------------->> This message is sent to you because you are subscribed to>> the mailing list
.>> To unsubscribe, E-mail to: >> To switch to the DIGEST mode, E-mail to >>>>>------------------------------------------------------------->This message is sent to you because you are subscribed to> the mailing list .>To unsubscribe, E-mail to: >To switch to the DIGEST mode, E-mail to >================================Kenneth Grome, WebDNA Consultant808-737-6499 http://webdna.net================================-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to
Associated Messages, from the most recent to the oldest:
If you let me admin my own record in the users.db, I can add any group I want to my own 'groups' field, then I can access all [protect]ed pages on the entire site -- whether or not that's what you wanted me to be able to do.The old username/password field stuff is a hold-over from webcat 1.6, and it's no longer considered the best way to secure your db's by any means ... I'm surprised that code was never removed from webcatalog a long time ago ...>otherwise how does one allow differing levels of administrators to >[replace] *only*>their alloted records in a db which is accessed by ALL level of admin?> (ie. prevent them from editing records that do not belong to their >authenticate group?)>>-John>>John Butler wrote:>>> [DELETE db=DatabasePath&eqNAMEdata=Fred]>> ... Note: if the database has username and password fields, then >>the records will not>> be deleted unless the visitor's web browser username/password >>match the record's>> username/password.>>>> is this behaviour also true for the [replace] context? There is >>no mention of it in>> the docs, but it would be nice to have that option so I ask...>>>> -John>>>> ------------------------------------------------------------->> This message is sent to you because you are subscribed to>> the mailing list .>> To unsubscribe, E-mail to: >> To switch to the DIGEST mode, E-mail to >>>>>------------------------------------------------------------->This message is sent to you because you are subscribed to> the mailing list .>To unsubscribe, E-mail to: >To switch to the DIGEST mode, E-mail to >================================Kenneth Grome, WebDNA Consultant808-737-6499 http://webdna.net================================-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to
Kenneth Grome
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
https validation (2001)
Fax Broadcast (1998)
Multithreading of [replace] (1999)
calculating tax rates, mail order solutions and version 2 (1997)
[WebDNA] Problems with WebCatalogCtl command (2009)
[append] (1998)
question: search return in order (1997)
Date range (2006)
Thanks and Big News!!! (1997)
Math variable size-dumb question (1999)
Separate SSL Server (1997)
SiteGuard Admin Feature ? (1997)
RE: [WebDNA] Dreamweaver Tag Libraries and Snippets (2011)
WebCat2b12--[searchstring] bug (1997)
error -108 (1997)
RE: Error: template (1997)
What am I missing (1997)
Hiding usernames and passwords in URL (1998)
No spaces allowed in text variable names ... ? (2002)
functions... (2005)