Re: [WebDNA] Protect TextArea and other Input-Fields with WebDNA - Something to talk about ;)
This WebDNA talk-list message is from 2009
It keeps the original formatting.
numero = 102711
interpreted = N
texte = In general, unless you put the text inside an [interpret] context you don't need to worry about WebDNA execution. If you are writing the content out to text files that you then [include] into your page, use the "raw=T" parameter in your include tag. You can also use the "RemoveWebDNA=T" parameter to the [RemoveHTML] context, but that will strip out the HTML formatting as well. To just remove or replace square brackets, you can use [Grep] or [ConvertChars].

Brian Fries
BrainScan Software

On Jun 15, 2009, at 10:37 AM, Palle Bo Nielsen wrote:

> Hi all,
>
> How do you protect yourself from bad code submitted to a form field.
>
> How do you make sure that e.g. HTML can be made visible with the right syntax but no executable when submitted from a form field?
>
> ... and other questions in the same subject?
>
> The above to be used for a better implementation on my WebDNA forum's app's.
>
> I hope that gives us something to talk about ;)
>
> Palle
> ---------------------------------------------------------
> This message is sent to you because you are subscribed to
> the mailing list .
> To unsubscribe, E-mail to:
> archives: http://mail.webdna.us/list/talk@webdna.us
> old archives: http://dev.webdna.us/TalkListArchive/
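The bracket replacement suggested in the reply, combined with HTML escaping so that submitted markup is shown rather than run, can be sketched as follows. This is an added example, not code from the thread or from WebDNA: Python stands in for the [ConvertChars]/[Grep] step, and the function names and sample submission are assumptions made for illustration.

```python
import html

# Numeric character references for the two characters WebDNA uses as tag delimiters.
BRACKET_ENTITIES = {"[": "&#91;", "]": "&#93;"}


def encode_for_display(submitted: str) -> str:
    """Return form input that renders as visible text only."""
    # Step 1: escape &, <, >, " and ' so the browser displays markup instead of parsing it.
    safe = html.escape(submitted, quote=True)
    # Step 2: replace brackets only afterwards. Doing it first would let step 1
    # re-escape the '&' of the new entities, and they would show up literally.
    for char, entity in BRACKET_ENTITIES.items():
        safe = safe.replace(char, entity)
    return safe


def strip_brackets(submitted: str) -> str:
    """The 'remove' alternative: drop square brackets and leave everything else."""
    return submitted.translate({ord("["): None, ord("]"): None})


# Constructed sample submission: HTML, a script element, a bracketed tag,
# and an entity the user typed in by hand.
SAMPLE = "Hi <b>all</b> <script>alert(1)</script> [include file=x.txt] &#91;"

if __name__ == "__main__":
    print(encode_for_display(SAMPLE))
    print(strip_brackets(SAMPLE))
```

Encoding keeps the submission readable exactly as typed, while stripping changes what the user wrote; the stripped result still needs HTML escaping before it is written into a page.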