Re: Restricting templates from causing havoc

This WebDNA talk-list message is from

2000


It keeps the original formatting.
numero = 35616
interpreted = N
texte = I don't understand what you mean by change file names. I have folders with 1 .tpl file of my own making. In that folder clients are permitted to upload graphics for conversion, they upload their graphic (all types not just .jpg & .gifs) and hopefully logout. Right now I'm tempted to rename all my templates .asp and leave out to confuse th would be hacker. I just thought there might be a more secure way.You would think that it would be possible to make the templates password protected, much like the Price Change Password in the order file.By placing [PROCESS PASSWORD=MYPASSWORD] at the top or each .tpl , if the password isn't correct the web server returns the error page.Sound like something fairly simple.Maybe in a future version?????? Kenneth Grome wrote:> You change the file names of html or tpl files to prevent them from > being interpreted by webcatalog., and you leave gif and jpg file > names alone. > > >My clients are using http (webstar upload) to upload. I don't see > >any difference > >between ftp and http upload. They both have the abililty to upload .tpl's > > > >WebDNA Support wrote: > > > >> >Does anyone know a way keep apple script/ and web catalog from deleting > >> >files or causding havoc if someone were to upload a homemade template. > >> >Is there a way to password protect templates so they only excute if the > >> >password is in the template itself. > >> > >> Not per se. The solution right now is to prevent people from > >> uploading WebDNA at all. For instance, under StoreBuilder 4.0, one > >> can build a complete sophisticated storefront without needing ftp > >> access (graphic uploads are done thru HTTP upload), so by eliminating > >> ftp (or any arbitrary WebDNA) entirely we can prevent havoc. > >> > >> -- > >> Technical Support ********************************** > >> Smith Micro, Internet Solutions Div | eCommerce (WebCatalog) > >> 16855 West Bernardo Drive, #380 | ------------------------- > >> San Diego, CA 92127 | Software & Site Development > >> WebCatalog Support: (858) 675-0632 | http://www.smithmicro.com > >> Fax: (858) 675-0372 ********************************** > >> > >> ------------------------------------------------------------- > >> This message is sent to you because you are subscribed to > >> the mailing list . > >> To unsubscribe, E-mail to: > >> To switch to the DIGEST mode, E-mail to > >> > >> Web Archive of this list is at: http://search.smithmicro.com/ > > > >-- > >Marc Malacarme > >Lauren Stomel Advertising > >1-310-451-5114 > > > > > > > >------------------------------------------------------------- > >This message is sent to you because you are subscribed to > > the mailing list . > >To unsubscribe, E-mail to: > >To switch to the DIGEST mode, E-mail to > > > >Web Archive of this list is at: http://search.smithmicro.com/ > > ================================ > Kenneth Grome, WebDNA Consultant > 808-737-6499 http://webdna.net > ================================ > > ------------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > Web Archive of this list is at: http://search.smithmicro.com/-- Marc Malacarme Lauren Stomel Advertising 1-310-451-5114------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: Restricting templates from causing havoc (WebDNA Support 2000)
  2. Re: Restricting templates from causing havoc (Marc 2000)
  3. Re: Restricting templates from causing havoc (WebDNA Support 2000)
  4. Re: Restricting templates from causing havoc (Kenneth Grome 2000)
  5. Re: Restricting templates from causing havoc (Marc 2000)
  6. Re: Restricting templates from causing havoc (WebDNA Support 2000)
  7. Restricting templates from causing havoc (Marc 2000)
I don't understand what you mean by change file names. I have folders with 1 .tpl file of my own making. In that folder clients are permitted to upload graphics for conversion, they upload their graphic (all types not just .jpg & .gifs) and hopefully logout. Right now I'm tempted to rename all my templates .asp and leave out to confuse th would be hacker. I just thought there might be a more secure way.You would think that it would be possible to make the templates password protected, much like the Price Change Password in the order file.By placing [PROCESS PASSWORD=MYPASSWORD] at the top or each .tpl , if the password isn't correct the web server returns the error page.Sound like something fairly simple.Maybe in a future version?????? Kenneth Grome wrote:> You change the file names of html or tpl files to prevent them from > being interpreted by webcatalog., and you leave gif and jpg file > names alone. > > >My clients are using http (webstar upload) to upload. I don't see > >any difference > >between ftp and http upload. They both have the abililty to upload .tpl's > > > >WebDNA Support wrote: > > > >> >Does anyone know a way keep apple script/ and web catalog from deleting > >> >files or causding havoc if someone were to upload a homemade template. > >> >Is there a way to password protect templates so they only excute if the > >> >password is in the template itself. > >> > >> Not per se. The solution right now is to prevent people from > >> uploading WebDNA at all. For instance, under StoreBuilder 4.0, one > >> can build a complete sophisticated storefront without needing ftp > >> access (graphic uploads are done thru HTTP upload), so by eliminating > >> ftp (or any arbitrary WebDNA) entirely we can prevent havoc. > >> > >> -- > >> Technical Support ********************************** > >> Smith Micro, Internet Solutions Div | eCommerce (WebCatalog) > >> 16855 West Bernardo Drive, #380 | ------------------------- > >> San Diego, CA 92127 | Software & Site Development > >> WebCatalog Support: (858) 675-0632 | http://www.smithmicro.com > >> Fax: (858) 675-0372 ********************************** > >> > >> ------------------------------------------------------------- > >> This message is sent to you because you are subscribed to > >> the mailing list . > >> To unsubscribe, E-mail to: > >> To switch to the DIGEST mode, E-mail to > >> > >> Web Archive of this list is at: http://search.smithmicro.com/ > > > >-- > >Marc Malacarme > >Lauren Stomel Advertising > >1-310-451-5114 > > > > > > > >------------------------------------------------------------- > >This message is sent to you because you are subscribed to > > the mailing list . > >To unsubscribe, E-mail to: > >To switch to the DIGEST mode, E-mail to > > > >Web Archive of this list is at: http://search.smithmicro.com/ > > ================================ > Kenneth Grome, WebDNA Consultant > 808-737-6499 http://webdna.net > ================================ > > ------------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > Web Archive of this list is at: http://search.smithmicro.com/-- Marc Malacarme Lauren Stomel Advertising 1-310-451-5114------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Marc

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

[date] insanity! (2001) how many users (2000) Math with Time (1997) WCS Newbie question (1997) Protect (1997) Search returns all, not 20 (1997) Another question (1997) Install Webcat 4.01 - Server Hard Freeze (2000) Problems getting parameters passed into email. (1997) Using Cookie for client specific info? (1997) Webcat Manual and TeaRoom Examples Uses Different Examples. (1997) RE: Adding a product from another site (1997) Creating folders and deleting files (1997) WebMerchant still not working!! (1999) Shared databases (2003) [searchString] (1997) searchable list archive (1997) [WebDNA] Still having problems (2008) Re:Dumb Question about Docs (1997) Spawn not working (1999)