Re: how to post without certain data appearing in the html source
This WebDNA talk-list message is from 2001
It keeps the original formatting.
numero = 37014
interpreted = N
texte = Another option might be to use the welcome plugin to do a proxy call to theother server.On 7/6/01 8:38 AM, The Defendant John Peacock
Confessed:> Dale Therio wrote:>> >>> Are you concerned about users on your site being able to hack>>> your>>> templates and see the SMS site user information or are you>>> concerned>>> about the user information being visible to the SMS site.>> >> I am concerned that a user could see my username and password to>> log into the SMS server. If they have that information they>> could setup a page on their server/homepage and send SMS>> messages on my dime.> > OK, then using TCPConnect to send the SMS messages via the other> site becomes viable. None of the text in the template that calls> the TCPConnect are visible in the final rendered HTML; the text that> the remote site returns can also be filtered out of the HTML using> [middle].> >> >>> Describe how the program flow would happen so we can give you>>> better advice. If a user logs into your site and sends the>>> SMS via the other site, then TCPConnect would work fine>>> (since it does not return anything to the browser (except>>> what you want it to).>> >> There are a couple of ideas for using this technology. The>> simplist idea is that user 1 can send a message to user 2 via a>> form on my site.>> >> User one logs into the site, finds another user he wishes to>> contact then in a similar fashion to how I have email replies>> sent, clicks on a button which brings up a form to enter their>> message. Then submits and the email (SMS in this case) is sent.>> User 1 then gets a confirmation page which shows the content of>> the message they just sent.>> >> The second possible use is for notifications of something going>> happening on the site. User 1 has configured his preferences to>> be notified of certain events that may occur on the site (such>> as a specific user logging on), when the specified user logs on,>> it will run in effect a trigger to see if someone has this user>> in their notify list. Then the system would send an SMS message>> to user 1 letting them know that user 2 is on the site (or for>> example in the chat room).>> >>> The other option is have the user's>>> template create the SMS message in a global folder and have a>>> Trigger come along every minute and process all outgoing>>> SMS messages (think about how e-mail works currently).>> >> Currently my email works like this:>> >> User clicks on send me an email link, gets a form (I pass the>> profile ID of the intended recipient). User fills out the form,>> clicks submit, on the results page I do a search, then within>> the search I do the [sendmail] which is the only place the>> recipent email address is exposed (and being within the sendmail>> it is not in the html source), and present the result page.>> >> Are you suggesting that doing the same, but with a TCPConnect>> would (should) result in similar results? Should I wrap the>> [tcpconnect] with [spawn]?> > No reason to spawn it unless you are afraid of reponse time.> >> >> I also will need to put some checking code in the page to>> prevent multiple sendings of the same message which could happen>> if they use the back button or in the case of Netscape, resize>> the browser window or hit reload. I had many problems in the>> past with people doing that when adding content to the database.>> >> The more I think about it, the better I like the idea of trying>> to store this in a database then sending. That will prevent the>> duplicate data problem and I will also me restricting how many>> messages each user can send per month.>> > > The more I think about it, the more I like of writing the SMS message> to a file/database and having a server Trigger process it, rather than> have the user template do it.> > John> > --> John Peacock> Director of Information Research and Technology> Rowman & Littlefield Publishing Group> 4720 Boston Way> Lanham, MD 20706> 301-459-3366 x.5010> fax 301-429-5747> > -------------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to> > Web Archive of this list is at: http://search.smithmicro.com/-- Aaron LynchSystem AdministratorNineWire Digital Solutions || http://ninewire.comIf I were two-faced, would I be wearing this one? Abraham Lincoln (1809-1865) -------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/
Associated Messages, from the most recent to the oldest:
Another option might be to use the welcome plugin to do a proxy call to theother server.On 7/6/01 8:38 AM, The Defendant John Peacock Confessed:> Dale Therio wrote:>> >>> Are you concerned about users on your site being able to hack>>> your>>> templates and see the SMS site user information or are you>>> concerned>>> about the user information being visible to the SMS site.>> >> I am concerned that a user could see my username and password to>> log into the SMS server. If they have that information they>> could setup a page on their server/homepage and send SMS>> messages on my dime.> > OK, then using TCPConnect to send the SMS messages via the other> site becomes viable. None of the text in the template that calls> the TCPConnect are visible in the final rendered HTML; the text that> the remote site returns can also be filtered out of the HTML using> [middle].> >> >>> Describe how the program flow would happen so we can give you>>> better advice. If a user logs into your site and sends the>>> SMS via the other site, then TCPConnect would work fine>>> (since it does not return anything to the browser (except>>> what you want it to).>> >> There are a couple of ideas for using this technology. The>> simplist idea is that user 1 can send a message to user 2 via a>> form on my site.>> >> User one logs into the site, finds another user he wishes to>> contact then in a similar fashion to how I have email replies>> sent, clicks on a button which brings up a form to enter their>> message. Then submits and the email (SMS in this case) is sent.>> User 1 then gets a confirmation page which shows the content of>> the message they just sent.>> >> The second possible use is for notifications of something going>> happening on the site. User 1 has configured his preferences to>> be notified of certain events that may occur on the site (such>> as a specific user logging on), when the specified user logs on,>> it will run in effect a trigger to see if someone has this user>> in their notify list. Then the system would send an SMS message>> to user 1 letting them know that user 2 is on the site (or for>> example in the chat room).>> >>> The other option is have the user's>>> template create the SMS message in a global folder and have a>>> Trigger come along every minute and process all outgoing>>> SMS messages (think about how e-mail works currently).>> >> Currently my email works like this:>> >> User clicks on send me an email link, gets a form (I pass the>> profile ID of the intended recipient). User fills out the form,>> clicks submit, on the results page I do a search, then within>> the search I do the [sendmail] which is the only place the>> recipent email address is exposed (and being within the sendmail>> it is not in the html source), and present the result page.>> >> Are you suggesting that doing the same, but with a TCPConnect>> would (should) result in similar results? Should I wrap the>> [tcpconnect] with [spawn]?> > No reason to spawn it unless you are afraid of reponse time.> >> >> I also will need to put some checking code in the page to>> prevent multiple sendings of the same message which could happen>> if they use the back button or in the case of Netscape, resize>> the browser window or hit reload. I had many problems in the>> past with people doing that when adding content to the database.>> >> The more I think about it, the better I like the idea of trying>> to store this in a database then sending. That will prevent the>> duplicate data problem and I will also me restricting how many>> messages each user can send per month.>> > > The more I think about it, the more I like of writing the SMS message> to a file/database and having a server Trigger process it, rather than> have the user template do it.> > John> > --> John Peacock> Director of Information Research and Technology> Rowman & Littlefield Publishing Group> 4720 Boston Way> Lanham, MD 20706> 301-459-3366 x.5010> fax 301-429-5747> > -------------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to> > Web Archive of this list is at: http://search.smithmicro.com/-- Aaron LynchSystem AdministratorNineWire Digital Solutions || http://ninewire.comIf I were two-faced, would I be wearing this one? Abraham Lincoln (1809-1865) -------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/
Aaron Lynch
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
WebCat b13 CGI -shownext- (1997)
linetiems in thankyou.tpl (1997)
WebTen and WebCat (1997)
remotely creating and populating a stock inventory db -almostthere! (1999)
The Box - (2003)
Displaying text and populating form fields (2005)
shipping calculations, lookup command (1997)
Bugs in IE 6.0 ? (2003)
wish list (2002)
strange IE 4.0 (1998)
PCS Emailer's role ? (1997)
Revisit: speed test (2002)
talking to MacAuthorize (1997)
HELP!!! (1998)
Robert Minor duplicate mail (1997)
authenticating a second user (1997)
Need relative path explanation (1997)
5.0 Preview Promotion Extension (2003)
international time (1997)
redirect with frames (1997)