Re: [WebDNA] Protect TextArea and other Input-Fields with WebDNA - Something to talk about ;)
This WebDNA talk-list message is from 2009
It keeps the original formatting.
In general, unless you put the text inside an [interpret] context you don't need to worry about WebDNA execution. If you are writing the content out to text files that you then [include] into your page, use the "raw=T" parameter in your include tag. You can also use the "RemoveWebDNA=T" parameter to the [RemoveHTML] context, but that will strip out the HTML formatting as well. To just remove or replace square brackets, you can use [Grep] or [ConvertChars].

Brian Fries
BrainScan Software

On Jun 15, 2009, at 10:37 AM, Palle Bo Nielsen wrote:

> Hi all,
>
> How do you protect yourself from bad code submitted to a form field?
>
> How do you make sure that e.g. HTML can be made visible with the
> right syntax but not executable when submitted from a form field?
>
> ... and other questions in the same subject?
>
> The above to be used for a better implementation on my WebDNA
> forum's apps.
>
> I hope that gives us something to talk about ;)
>
> Palle
> ---------------------------------------------------------
> This message is sent to you because you are subscribed to
> the mailing list .
> To unsubscribe, E-mail to:
> archives: http://mail.webdna.us/list/talk@webdna.us
> old archives: http://dev.webdna.us/TalkListArchive/
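
The bracket-replacement approach from the reply above, combined with HTML escaping so that submitted markup is shown rather than rendered. This is an added example, not code from the thread or from WebDNA; it is written in Python rather than WebDNA, and the function names, the tag pattern and the sample input are assumptions made for illustration.

```python
import html
import re

# Assumption: the template engine treats [name ...] and [/name] as tags,
# which is how the thread describes WebDNA's square-bracket syntax.
BRACKET_TAG = re.compile(r"\[/?[A-Za-z!][^\[\]]*\]")

# Numeric character references: the browser still shows "[" and "]",
# but a later template pass finds no literal bracket to interpret.
_BRACKETS = str.maketrans({"[": "&#91;", "]": "&#93;"})


def find_bracket_tags(text):
    """Return tag-like [...] spans in a submitted value (for logging or review)."""
    return BRACKET_TAG.findall(text)


def encode_for_display(text):
    """Encode a form value so it displays literally and stays inert."""
    # Escape & < > " ' first. Doing "&" first also means an entity typed by
    # the user (e.g. "&#91;") is shown as typed instead of being decoded.
    escaped = html.escape(text, quote=True)
    # Then neutralise square brackets.
    return escaped.translate(_BRACKETS)


# Constructed sample input, as it might arrive from a forum textarea.
SAMPLE = "<b>hi</b> [math]1+1[/math]"

if __name__ == "__main__":
    print(find_bracket_tags(SAMPLE))
    print(encode_for_display(SAMPLE))
```

Encode once, at the point where the value is written into the page; running the function twice double-encodes the entities.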