Re: [WebDNA] Protect TextArea and other Input-Fields with WebDNA - Something to talk about ;)

This WebDNA talk-list message is from 2009. It keeps the original formatting.
numero = 102711
interpreted = N
texte = In general, unless you put the text inside an [interpret] context you don't need to worry about WebDNA execution. If you are writing the content out to text files that you then [include] into your page, use the "raw=T" parameter in your include tag. You can also use the "RemoveWebDNA=T" parameter to the [RemoveHTML] context, but that will strip out the HTML formatting as well. To just remove or replace square brackets, you can use [Grep] or [ConvertChars].

Brian Fries
BrainScan Software

On Jun 15, 2009, at 10:37 AM, Palle Bo Nielsen wrote:

> Hi all,
>
> How do you protect yourself from bad code submitted to a form field?
>
> How do you make sure that e.g. HTML can be made visible with the
> right syntax but not executable when submitted from a form field?
>
> ... and other questions in the same subject?
>
> The above to be used for a better implementation on my WebDNA
> forum's app's.
>
> I hope that gives us something to talk about ;)
>
> Palle
> ---------------------------------------------------------
> This message is sent to you because you are subscribed to
> the mailing list .
> To unsubscribe, E-mail to:
> archives: http://mail.webdna.us/list/talk@webdna.us
> old archives: http://dev.webdna.us/TalkListArchive/

Associated Messages, from the most recent to the oldest:

    
  1. Re: [WebDNA] Protect TextArea and other Input-Fields with WebDNA - Something to talk about ;) (Palle Bo Nielsen 2009)
  2. RE: [WebDNA] Protect TextArea and other Input-Fields with WebDNA - Something to talk about ;) ("Olin Lagon" 2009)
  3. Re: [WebDNA] Protect TextArea and other Input-Fields with WebDNA - Something to talk about ;) (Brian Fries 2009)
  4. [WebDNA] Protect TextArea and other Input-Fields with WebDNA - Something to talk about ;) (Palle Bo Nielsen 2009)
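
An added example, not part of the original thread and not WebDNA code: a Python sketch of the "replace square brackets" approach from the reply above, extended to escape HTML as well so that submitted markup displays as text. It assumes the result is emitted as HTML body text; the function names and the sample submission are hypothetical.

```python
import html
import re

# Characters replaced with numeric character references. A browser renders
# them as the original characters, but the stored text holds no literal
# square brackets (the delimiters of WebDNA tags).
_BRACKETS = {"[": "&#91;", "]": "&#93;"}

# Heuristic for "looks like a bracketed tag", e.g. [include ...] or [/math].
# Meant for review logs only; the replacement below is the protection.
_TAG_LIKE = re.compile(r"\[/?[A-Za-z][A-Za-z0-9_]*[^\[\]]*\]")


def neutralize(text: str) -> str:
    """Return text that displays as typed but contains no raw markup."""
    # html.escape rewrites "&" first, so an entity typed by the user
    # (e.g. "&#91;") is shown literally instead of decoding to "[".
    escaped = html.escape(text, quote=True)
    for char, ref in _BRACKETS.items():
        escaped = escaped.replace(char, ref)
    return escaped


def bracket_tags(text: str) -> list:
    """List bracketed tag-like tokens found in a submission."""
    return _TAG_LIKE.findall(text)


# Constructed sample submission (not taken from the thread).
SAMPLE = "Try <b>bold</b> & [include file=x.inc] or &#91;math]1+1[/math]"

if __name__ == "__main__":
    print(neutralize(SAMPLE))
    print(bracket_tags(SAMPLE))
```

Apply the replacement once, when the submission is written out for display; running it a second time on already-neutralized text double-escapes the ampersands.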