Re: [WebDNA] Protect TextArea and other Input-Fields with WebDNA - Something to talk about ;)

This WebDNA talk-list message is from

2009


It keeps the original formatting.
numero = 102711
interpreted = N
texte = In general, unless you put the text inside an [interpret] context you don't need to worry about WebDNA execution. If you are writing the content out to text files that you then [include] into your page, use the "raw=T" parameter in your include tag. You can also use the "RemoveWebDNA=T" parameter to the [RemoveHTML] context, but that will strip out the HTML formatting as well. To just remove or replace square brackets, you can use [Grep] or [ConvertChars]. Brian Fries BrainScan Software On Jun 15, 2009, at 10:37 AM, Palle Bo Nielsen wrote: > Hi all, > > How do you protect yourself from bad code submitted to a form field. > > How do you make sure that e.g. HTML can be made visible with the > right syntax but no executable when submitted from a form field? > > ... and other questions in the same subject? > > The above to be used for a better implementation on my WebDNA > forum's app's. > > I hope that gives us something to talk about ;) > > Palle > --------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us > old archives: http://dev.webdna.us/TalkListArchive/ Associated Messages, from the most recent to the oldest:

    
  1. Re: [WebDNA] Protect TextArea and other Input-Fields with WebDNA - Something to talk about ;) (Palle Bo Nielsen 2009)
  2. RE: [WebDNA] Protect TextArea and other Input-Fields with WebDNA - Something to talk about ;) ("Olin Lagon" 2009)
  3. Re: [WebDNA] Protect TextArea and other Input-Fields with WebDNA - Something to talk about ;) (Brian Fries 2009)
  4. [WebDNA] Protect TextArea and other Input-Fields with WebDNA - Something to talk about ;) (Palle Bo Nielsen 2009)
In general, unless you put the text inside an [interpret] context you don't need to worry about WebDNA execution. If you are writing the content out to text files that you then [include] into your page, use the "raw=T" parameter in your include tag. You can also use the "RemoveWebDNA=T" parameter to the [removehtml] context, but that will strip out the HTML formatting as well. To just remove or replace square brackets, you can use [grep] or [convertchars]. Brian Fries BrainScan Software On Jun 15, 2009, at 10:37 AM, Palle Bo Nielsen wrote: > Hi all, > > How do you protect yourself from bad code submitted to a form field. > > How do you make sure that e.g. HTML can be made visible with the > right syntax but no executable when submitted from a form field? > > ... and other questions in the same subject? > > The above to be used for a better implementation on my WebDNA > forum's app's. > > I hope that gives us something to talk about ;) > > Palle > --------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us > old archives: http://dev.webdna.us/TalkListArchive/ Brian Fries

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

RE: WebCatalog2 for NT Beta Request (1997) Help! WebCat2 bug (1997) lineitems not showing when moving to a different OS (2006) Rumpus/Typhoon modules included in Typhoon ... (1997) Re[2]: Wierd problem with 3.08 WIN Version (2000) What about this [delete] situation? (1998) WebDNA's future and yours ... (2006) [WebDNA] OT: PHP on lighttpd (2013) Saving/Looking Up customer numbers (1998) WebCatalog2 Feature Feedback (1996) Sendmail truncation in Eudora Clients (1998) My slower response (1997) Another question (1997) Search-context (1999) Applescript in Webcatalog problem (1997) Cookie and Domain Names (2005) Accepting credit cards (1997) faxing orders (2000) Problems with [Applescript] (1997) WYSIWYG Editor? (2006)