Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!]
This WebDNA talk-list message is from 2011
It keeps the original formatting.
numero = 107119
interpreted = N
texte = I thought this bug was fixed already in version 6.2 or earlier?Sincerely,Kenneth Grome> Hi Daniel> > > I noticed in a google search for our error that one of> > the indexed urls had &!=1 at the end of it, causing> > the entire page to break. This also breaks webdna.us> > when added to the end of URLs.> > The original issue you asked about (suddenly failing> orders) sounds like something got corrupted.. which I am> not addressing here.. but this ^^^ is a known bug in> webdna ... before version 7. If you pass the name of a> webdna context as though it were a URL/form-variable> (for example the comment context, e.g.> "page.html?aaa=bbb&!=x", then it sticks in "x" in place> of all the "[!]"'s on your page! ...Thus breaking all> the comment tags... and exposing code you meant to have> commented out! Obviously this is a really dangerous> bug. The solution (if you cannot or should not upgrade> to version 7.. and here I am guessing you will not want> to.. on account of your using the old built-in> e-commerce tags (?)) is to use code such as this in> your pre-parse script.. (or else in an include you place> at the top of every page) : (you can make the [redirect]> redirect to wherever you want.. here it goes to the> default/home page.)> > > [!]--- START: to plug up the security hole of when URL> hacker passes a webdna context name as a> formvar---[/!][!] [/!][formvariables name=!][redirect> /][/formvariables][!] [/!][formvariables> name=addfields][redirect /][/formvariables][!]> [/!][formvariables name=addlineitem][redirect> /][/formvariables][!] [/!][formvariables> name=append][redirect /][/formvariables][!]> [/!][formvariables name=appendfile][redirect> /][/formvariables][!] [/!][formvariables> name=applescript][redirect /][/formvariables][!]> [/!][formvariables name=arrayget][redirect> /][/formvariables][!] [/!][formvariables> name=arrayset][redirect /][/formvariables][!]> [/!][formvariables name=authenticate][redirect> /][/formvariables][!] [/!][formvariables> name=boldwords][redirect /][/formvariables][!]> [/!][formvariables name=browsername][redirect> /][/formvariables][!] [/!][formvariables> name=calcfilecrc32][redirect /][/formvariables][!]> [/!][formvariables name=capitalize][redirect> /][/formvariables][!] [/!][formvariables> name=cart][redirect /][/formvariables][!]> [/!][formvariables name=case][redirect> /][/formvariables][!] [/!][formvariables> name=clearlineitems][redirect /][/formvariables][!]> [/!][formvariables name=closedatabase][redirect> /][/formvariables][!] [/!][formvariables> name=command][redirect /][/formvariables][!]> [/!][formvariables name=commitdatabase][redirect> /][/formvariables][!] [/!][formvariables> name=convertchars][redirect /][/formvariables][!]> [/!][formvariables name=convertwords][redirect> /][/formvariables][!] [/!][formvariables> name=copyfile][redirect /][/formvariables][!]> [/!][formvariables name=copyfolder][redirect> /][/formvariables][!] [/!][formvariables> name=countchars][redirect /][/formvariables][!]> [/!][formvariables name=countwords][redirect> /][/formvariables][!] [/!][formvariables> name=createfolder][redirect /][/formvariables][!]> [/!][formvariables name=date][redirect> /][/formvariables][!] [/!][formvariables> name=ddeconnect][redirect /][/formvariables][!]> [/!][formvariables name=ddesend][redirect> /][/formvariables][!] [/!][formvariables> name=decrypt][redirect /][/formvariables][!]> [/!][formvariables name=delete][redirect> /][/formvariables][!] [/!][formvariables> name=deletefile][redirect /][/formvariables][!]> [/!][formvariables name=deletefolder][redirect> /][/formvariables][!] [/!][formvariables> name=dos][redirect /][/formvariables][!]> [/!][formvariables name=elapsedtime][redirect> /][/formvariables][!] [/!][formvariables> name=else][redirect /][/formvariables][!]> [/!][formvariables name=encrypt][redirect> /][/formvariables][!] [/!][formvariables> name=exclusivelock][redirect /][/formvariables][!]> [/!][formvariables name=filecompare][redirect> /][/formvariables][!] [/!][formvariables> name=fileinfo][redirect /][/formvariables][!]> [/!][formvariables name=findstring][redirect> /][/formvariables][!] [/!][formvariables> name=flushcache][redirect /][/formvariables][!]> [/!][formvariables name=flushdatabases][redirect> /][/formvariables][!] [/!][formvariables> name=format][redirect /][/formvariables][!]> [/!][formvariables name=format][redirect> /][/formvariables][!] [/!][formvariables> name=formvariables][redirect /][/formvariables][!]> [/!][formvariables name=founditems][redirect> /][/formvariables][!] [/!][formvariables> name=freememory][redirect /][/formvariables][!]> [/!][formvariables name=function][redirect> /][/formvariables][!] [/!][formvariables> name=getchars][redirect /][/formvariables][!]> [/!][formvariables name=getcookie][redirect> /][/formvariables][!] [/!][formvariables> name=getmimeheader][redirect /][/formvariables][!]> [/!][formvariables name=grep][redirect> /][/formvariables][!] [/!][formvariables> name=hideif][redirect /][/formvariables][!]> [/!][formvariables name=html1][redirect> /][/formvariables][!] [/!][formvariables> name=html2][redirect /][/formvariables][!]> [/!][formvariables name=html3][redirect> /][/formvariables][!] [/!][formvariables> name=httpmethod][redirect /][/formvariables][!]> [/!][formvariables name=if][redirect> /][/formvariables][!] [/!][formvariables> name=include][redirect /][/formvariables][!]> [/!][formvariables name=input][redirect> /][/formvariables][!] [/!][formvariables> name=interpret][redirect /][/formvariables][!]> [/!][formvariables name=ipaddress][redirect> /][/formvariables][!] [/!][formvariables> name=issecureclient][redirect /][/formvariables][!]> [/!][formvariables name=lastautonumner][redirect> /][/formvariables][!] [/!][formvariables> name=lastrandom][redirect /][/formvariables][!]> [/!][formvariables name=lineitems][redirect> /][/formvariables][!] [/!][formvariables> name=listchars][redirect /][/formvariables][!]> [/!][formvariables name=listcookies][redirect> /][/formvariables][!] [/!][formvariables> name=listdatabases][redirect /][/formvariables][!]> [/!][formvariables name=listfields][redirect> /][/formvariables][!] [/!][formvariables> name=listfiles][redirect /][/formvariables][!]> [/!][formvariables name=listmimeheaders][redirect> /][/formvariables][!] [/!][formvariables> name=listpath][redirect /][/formvariables][!]> [/!][formvariables name=listvariables][redirect> /][/formvariables][!] [/!][formvariables> name=listwords][redirect /][/formvariables][!]> [/!][formvariables name=lookup][redirect> /][/formvariables][!] [/!][formvariables> name=lookup][redirect /][/formvariables][!]> [/!][formvariables name=loop][redirect> /][/formvariables][!] [/!][formvariables> name=lowercase][redirect /][/formvariables][!]> [/!][formvariables name=math][redirect> /][/formvariables][!] [/!][formvariables> name=middle][redirect /][/formvariables][!]> [/!][formvariables name=movefile][redirect> /][/formvariables][!] [/!][formvariables> name=object][redirect /][/formvariables][!]> [/!][formvariables name=orderfile][redirect> /][/formvariables][!] [/!][formvariables> name=password][redirect /][/formvariables][!]> [/!][formvariables name=platform][redirect> /][/formvariables][!] [/!][formvariables> name=product][redirect /][/formvariables][!]> [/!][formvariables name=protect][redirect> /][/formvariables][!] [/!][formvariables> name=purchase][redirect /][/formvariables][!]> [/!][formvariables name=random][redirect> /][/formvariables][!] [/!][formvariables> name=raw][redirect /][/formvariables][!]> [/!][formvariables name=redirect][redirect> /][/formvariables][!] [/!][formvariables> name=referrer][redirect /][/formvariables][!]> [/!][formvariables name=removehtml][redirect> /][/formvariables][!] [/!][formvariables> name=removelineitem][redirect /][/formvariables][!]> [/!][formvariables name=replace][redirect> /][/formvariables][!] [/!][formvariables> name=replacefounditems][redirect /][/formvariables][!]> [/!][formvariables name=return][redirect> /][/formvariables][!] [/!][formvariables> name=returnraw][redirect /][/formvariables][!]> [/!][formvariables name=scope][redirect> /][/formvariables][!] [/!][formvariables> name=search][redirect /][/formvariables][!]> [/!][formvariables name=sendmail][redirect> /][/formvariables][!] [/!][formvariables> name=setcookie][redirect /][/formvariables][!]> [/!][formvariables name=setheader][redirect> /][/formvariables][!] [/!][formvariables> name=setlineitem][redirect /][/formvariables][!]> [/!][formvariables name=setmimeheader][redirect> /][/formvariables][!] [/!][formvariables> name=shell][redirect /][/formvariables][!]> [/!][formvariables name=showif][redirect> /][/formvariables][!] [/!][formvariables> name=shownext][redirect /][/formvariables][!]> [/!][formvariables name=spawn][redirect> /][/formvariables][!] [/!][formvariables> name=sql][redirect /][/formvariables][!]> [/!][formvariables name=sql][redirect> /][/formvariables][!] [/!][formvariables> name=sqlconnect][redirect /][/formvariables][!]> [/!][formvariables name=sqldisconnect][redirect> /][/formvariables][!] [/!][formvariables> name=sqlexecute][redirect /][/formvariables][!]> [/!][formvariables name=sqlinfo][redirect> /][/formvariables][!] [/!][formvariables> name=sqlrelease][redirect /][/formvariables][!]> [/!][formvariables name=sqlresult][redirect> /][/formvariables][!] [/!][formvariables> name=switch][redirect /][/formvariables][!]> [/!][formvariables name=table][redirect> /][/formvariables][!] [/!][formvariables> name=tcpconnect][redirect /][/formvariables][!]> [/!][formvariables name=tcpsend][redirect> /][/formvariables][!] [/!][formvariables> name=text][redirect /][/formvariables][!]> [/!][formvariables name=then][redirect> /][/formvariables][!] [/!][formvariables> name=thisurl][redirect /][/formvariables][!]> [/!][formvariables name=time][redirect> /][/formvariables][!] [/!][formvariables> name=unurl][redirect /][/formvariables][!]> [/!][formvariables name=uppercase][redirect> /][/formvariables][!] [/!][formvariables> name=url][redirect /][/formvariables][!]> [/!][formvariables name=username][redirect> /][/formvariables][!] [/!][formvariables> name=validcard][redirect /][/formvariables][!]> [/!][formvariables name=version][redirect> /][/formvariables][!] [/!][formvariables> name=version][redirect /][/formvariables][!]> [/!][formvariables name=waitforfile][redirect> /][/formvariables][!] [/!][formvariables> name=writefile][redirect /][/formvariables][!]> [/!][formvariables name=xmlnode][redirect> /][/formvariables][!] [/!][formvariables> name=xmlnodes][redirect /][/formvariables][!]> [/!][formvariables name=xmlnodesattributes][redirect> /][/formvariables][!] [/!][formvariables> name=xmlparse][redirect /][/formvariables][!]> [/!][formvariables name=xsl][redirect> /][/formvariables][!] [/!][formvariables> name=xslt][redirect /][/formvariables][!] [/!][!]---> END: to plug up the security hole of when URL hacker> passes a webdna context name as a formvar---[/!]
Associated Messages, from the most recent to the oldest:
|
- Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!] (Kenneth Grome 2011)
- Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!] (Govinda 2011)
- Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!] (Kenneth Grome 2011)
- Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!] (Govinda 2011)
- Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!] (Kenneth Grome 2011)
- Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!] (Govinda 2011)
- Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!] (Govinda 2011)
- Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!] (Kenneth Grome 2011)
- Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!] (Govinda 2011)
- Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!] (Kenneth Grome 2011)
- Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!] (Kenneth Grome 2011)
- Re: [WebDNA] Error: Can't open order file. Ignoring [OrderFile] context Error: Error: expected [/APPLICATION], but found [/!] instead[/!] (Kenneth Grome 2011)
|
I thought this bug was fixed already in version 6.2 or earlier?Sincerely,Kenneth Grome> Hi Daniel> > > I noticed in a google search for our error that one of> > the indexed urls had &!=1 at the end of it, causing> > the entire page to break. This also breaks webdna.us> > when added to the end of URLs.> > The original issue you asked about (suddenly failing> orders) sounds like something got corrupted.. which I am> not addressing here.. but this ^^^ is a known bug in> webdna ... before version 7. If you pass the name of a> webdna context as though it were a URL/form-variable> (for example the comment context, e.g.> "page.html?aaa=bbb&!=x", then it sticks in "x" in place> of all the "
[!]"'s on your page! ...Thus breaking all> the comment tags... and exposing code you meant to have> commented out! Obviously this is a really dangerous> bug. The solution (if you cannot or should not upgrade> to version 7.. and here I am guessing you will not want> to.. on account of your using the old built-in> e-commerce tags (?)) is to use code such as this in> your pre-parse script.. (or else in an include you place> at the top of every page) : (you can make the
[redirect]> redirect to wherever you want.. here it goes to the> default/home page.)> > >
[!]--- START: to plug up the security hole of when URL> hacker passes a webdna context name as a> formvar---[/!]
[!] [/!][formvariables name=!][redirect> /][/formvariables]
[!] [/!][formvariables> name=addfields][redirect /][/formvariables]
[!]> [/!][formvariables name=addlineitem][redirect> /][/formvariables]
[!] [/!][formvariables> name=append][redirect /][/formvariables]
[!]> [/!][formvariables name=appendfile][redirect> /][/formvariables]
[!] [/!][formvariables> name=applescript][redirect /][/formvariables]
[!]> [/!][formvariables name=arrayget][redirect> /][/formvariables]
[!] [/!][formvariables> name=arrayset][redirect /][/formvariables]
[!]> [/!][formvariables name=authenticate][redirect> /][/formvariables]
[!] [/!][formvariables> name=boldwords][redirect /][/formvariables]
[!]> [/!][formvariables name=browsername][redirect> /][/formvariables]
[!] [/!][formvariables> name=calcfilecrc32][redirect /][/formvariables]
[!]> [/!][formvariables name=capitalize][redirect> /][/formvariables]
[!] [/!][formvariables> name=cart][redirect /][/formvariables]
[!]> [/!][formvariables name=case][redirect> /][/formvariables]
[!] [/!][formvariables> name=clearlineitems][redirect /][/formvariables]
[!]> [/!][formvariables name=closedatabase][redirect> /][/formvariables]
[!] [/!][formvariables> name=command][redirect /][/formvariables]
[!]> [/!][formvariables name=commitdatabase][redirect> /][/formvariables]
[!] [/!][formvariables> name=convertchars][redirect /][/formvariables]
[!]> [/!][formvariables name=convertwords][redirect> /][/formvariables]
[!] [/!][formvariables> name=copyfile][redirect /][/formvariables]
[!]> [/!][formvariables name=copyfolder][redirect> /][/formvariables]
[!] [/!][formvariables> name=countchars][redirect /][/formvariables]
[!]> [/!][formvariables name=countwords][redirect> /][/formvariables]
[!] [/!][formvariables> name=createfolder][redirect /][/formvariables]
[!]> [/!][formvariables name=date][redirect> /][/formvariables]
[!] [/!][formvariables> name=ddeconnect][redirect /][/formvariables]
[!]> [/!][formvariables name=ddesend][redirect> /][/formvariables]
[!] [/!][formvariables> name=decrypt][redirect /][/formvariables]
[!]> [/!][formvariables name=delete][redirect> /][/formvariables]
[!] [/!][formvariables> name=deletefile][redirect /][/formvariables]
[!]> [/!][formvariables name=deletefolder][redirect> /][/formvariables]
[!] [/!][formvariables> name=dos][redirect /][/formvariables]
[!]> [/!][formvariables name=elapsedtime][redirect> /][/formvariables]
[!] [/!][formvariables> name=else][redirect /][/formvariables]
[!]> [/!][formvariables name=encrypt][redirect> /][/formvariables]
[!] [/!][formvariables> name=exclusivelock][redirect /][/formvariables]
[!]> [/!][formvariables name=filecompare][redirect> /][/formvariables]
[!] [/!][formvariables> name=fileinfo][redirect /][/formvariables]
[!]> [/!][formvariables name=findstring][redirect> /][/formvariables]
[!] [/!][formvariables> name=flushcache][redirect /][/formvariables]
[!]> [/!][formvariables name=flushdatabases][redirect> /][/formvariables]
[!] [/!][formvariables> name=format][redirect /][/formvariables]
[!]> [/!][formvariables name=format][redirect> /][/formvariables]
[!] [/!][formvariables> name=formvariables][redirect /][/formvariables]
[!]> [/!][formvariables name=founditems][redirect> /][/formvariables]
[!] [/!][formvariables> name=freememory][redirect /][/formvariables]
[!]> [/!][formvariables name=function][redirect> /][/formvariables]
[!] [/!][formvariables> name=getchars][redirect /][/formvariables]
[!]> [/!][formvariables name=getcookie][redirect> /][/formvariables]
[!] [/!][formvariables> name=getmimeheader][redirect /][/formvariables]
[!]> [/!][formvariables name=grep][redirect> /][/formvariables]
[!] [/!][formvariables> name=hideif][redirect /][/formvariables]
[!]> [/!][formvariables name=html1][redirect> /][/formvariables]
[!] [/!][formvariables> name=html2][redirect /][/formvariables]
[!]> [/!][formvariables name=html3][redirect> /][/formvariables]
[!] [/!][formvariables> name=httpmethod][redirect /][/formvariables]
[!]> [/!][formvariables name=if][redirect> /][/formvariables]
[!] [/!][formvariables> name=include][redirect /][/formvariables]
[!]> [/!][formvariables name=input][redirect> /][/formvariables]
[!] [/!][formvariables> name=interpret][redirect /][/formvariables]
[!]> [/!][formvariables name=ipaddress][redirect> /][/formvariables]
[!] [/!][formvariables> name=issecureclient][redirect /][/formvariables]
[!]> [/!][formvariables name=lastautonumner][redirect> /][/formvariables]
[!] [/!][formvariables> name=lastrandom][redirect /][/formvariables]
[!]> [/!][formvariables name=lineitems][redirect> /][/formvariables]
[!] [/!][formvariables> name=listchars][redirect /][/formvariables]
[!]> [/!][formvariables name=listcookies][redirect> /][/formvariables]
[!] [/!][formvariables> name=listdatabases][redirect /][/formvariables]
[!]> [/!][formvariables name=listfields][redirect> /][/formvariables]
[!] [/!][formvariables> name=listfiles][redirect /][/formvariables]
[!]> [/!][formvariables name=listmimeheaders][redirect> /][/formvariables]
[!] [/!][formvariables> name=listpath][redirect /][/formvariables]
[!]> [/!][formvariables name=listvariables][redirect> /][/formvariables]
[!] [/!][formvariables> name=listwords][redirect /][/formvariables]
[!]> [/!][formvariables name=lookup][redirect> /][/formvariables]
[!] [/!][formvariables> name=lookup][redirect /][/formvariables]
[!]> [/!][formvariables name=loop][redirect> /][/formvariables]
[!] [/!][formvariables> name=lowercase][redirect /][/formvariables]
[!]> [/!][formvariables name=math][redirect> /][/formvariables]
[!] [/!][formvariables> name=middle][redirect /][/formvariables]
[!]> [/!][formvariables name=movefile][redirect> /][/formvariables]
[!] [/!][formvariables> name=object][redirect /][/formvariables]
[!]> [/!][formvariables name=orderfile][redirect> /][/formvariables]
[!] [/!][formvariables> name=password][redirect /][/formvariables]
[!]> [/!][formvariables name=platform][redirect> /][/formvariables]
[!] [/!][formvariables> name=product][redirect /][/formvariables]
[!]> [/!][formvariables name=protect][redirect> /][/formvariables]
[!] [/!][formvariables> name=purchase][redirect /][/formvariables]
[!]> [/!][formvariables name=random][redirect> /][/formvariables]
[!] [/!][formvariables> name=raw][redirect /][/formvariables]
[!]> [/!][formvariables name=redirect][redirect> /][/formvariables]
[!] [/!][formvariables> name=referrer][redirect /][/formvariables]
[!]> [/!][formvariables name=removehtml][redirect> /][/formvariables]
[!] [/!][formvariables> name=removelineitem][redirect /][/formvariables]
[!]> [/!][formvariables name=replace][redirect> /][/formvariables]
[!] [/!][formvariables> name=replacefounditems][redirect /][/formvariables]
[!]> [/!][formvariables name=return][redirect> /][/formvariables]
[!] [/!][formvariables> name=returnraw][redirect /][/formvariables]
[!]> [/!][formvariables name=scope][redirect> /][/formvariables]
[!] [/!][formvariables> name=search][redirect /][/formvariables]
[!]> [/!][formvariables name=sendmail][redirect> /][/formvariables]
[!] [/!][formvariables> name=setcookie][redirect /][/formvariables]
[!]> [/!][formvariables name=setheader][redirect> /][/formvariables]
[!] [/!][formvariables> name=setlineitem][redirect /][/formvariables]
[!]> [/!][formvariables name=setmimeheader][redirect> /][/formvariables]
[!] [/!][formvariables> name=shell][redirect /][/formvariables]
[!]> [/!][formvariables name=showif][redirect> /][/formvariables]
[!] [/!][formvariables> name=shownext][redirect /][/formvariables]
[!]> [/!][formvariables name=spawn][redirect> /][/formvariables]
[!] [/!][formvariables> name=sql][redirect /][/formvariables]
[!]> [/!][formvariables name=sql][redirect> /][/formvariables]
[!] [/!][formvariables> name=sqlconnect][redirect /][/formvariables]
[!]> [/!][formvariables name=sqldisconnect][redirect> /][/formvariables]
[!] [/!][formvariables> name=sqlexecute][redirect /][/formvariables]
[!]> [/!][formvariables name=sqlinfo][redirect> /][/formvariables]
[!] [/!][formvariables> name=sqlrelease][redirect /][/formvariables]
[!]> [/!][formvariables name=sqlresult][redirect> /][/formvariables]
[!] [/!][formvariables> name=switch][redirect /][/formvariables]
[!]> [/!][formvariables name=table][redirect> /][/formvariables]
[!] [/!][formvariables> name=tcpconnect][redirect /][/formvariables]
[!]> [/!][formvariables name=tcpsend][redirect> /][/formvariables]
[!] [/!][formvariables> name=text][redirect /][/formvariables]
[!]> [/!][formvariables name=then][redirect> /][/formvariables]
[!] [/!][formvariables> name=thisurl][redirect /][/formvariables]
[!]> [/!][formvariables name=time][redirect> /][/formvariables]
[!] [/!][formvariables> name=unurl][redirect /][/formvariables]
[!]> [/!][formvariables name=uppercase][redirect> /][/formvariables]
[!] [/!][formvariables> name=url][redirect /][/formvariables]
[!]> [/!][formvariables name=username][redirect> /][/formvariables]
[!] [/!][formvariables> name=validcard][redirect /][/formvariables]
[!]> [/!][formvariables name=version][redirect> /][/formvariables]
[!] [/!][formvariables> name=version][redirect /][/formvariables]
[!]> [/!][formvariables name=waitforfile][redirect> /][/formvariables]
[!] [/!][formvariables> name=writefile][redirect /][/formvariables]
[!]> [/!][formvariables name=xmlnode][redirect> /][/formvariables]
[!] [/!][formvariables> name=xmlnodes][redirect /][/formvariables]
[!]> [/!][formvariables name=xmlnodesattributes][redirect> /][/formvariables]
[!] [/!][formvariables> name=xmlparse][redirect /][/formvariables]
[!]> [/!][formvariables name=xsl][redirect> /][/formvariables]
[!] [/!][formvariables> name=xslt][redirect /][/formvariables]
[!] [/!]
[!]---> END: to plug up the security hole of when URL hacker> passes a webdna context name as a formvar---[/!]
Kenneth Grome
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
Finalizing Orders (2000)
Digest for 09-30-97 (1997)
Cart Numbers (1997)
overload (2002)
WebMerchant when CC network is down (1998)
WebCat2: Items xx to xx shown, etc. (1997)
Search on encrypted field (2000)
WebCat2b14MacPlugIn - [include] doesn't hide the search string (1997)
[LOOKUP] (1997)
Formating found categories (1997)
Secure Server (1997)
WebCat2b13MacPlugIn - [shownext method=post] ??? (1997)
[BoldWords] WebCat.acgib15Mac (1997)
any suggestions for creating a multi-lingual site? (1999)
Sendmail & Time Issue (2001)
WebCatalog for guestbook ? (1997)
How to include weather (2000)
Sample Tearoom Search Error (1997)
The max=0 issue is a bug ... (2000)
emailer (1997)