Re: Entry point? Security w/ dbase helper?

This WebDNA talk-list message is from

1997

It keeps the original formatting. numero = 15885
interpreted = N
texte = >entry page everytime I click the link to enter store or administer store>it looks for catadmin from the folder Im in,>> dbEDIT/store3/catdmin.tmpl instead of>store3/catadmin.tmplDon't you want a different admin page for each store? Most people want that so they can customize each store, and of course it should administer a separate database for each store. Maybe I don't understand the exact problem.>Also is it possible to have users add to dbases based on their name/pass>then they would go to the right cat?I don't quite follow, but certainly you can force people to 'log on' to your site, and then use some WebDNA to look up which site they should go to based on a field in the users database. What, in human terms, are you trying to accoplish overall on your site?>2 ) Im also considering letting users link to the dbase>helper to convert thier exsiting dbases. Has anyone done this? Could>I limit the tmpls that are created? Is this a huge security risk?>any thoughts?Any time you let users write files to your disk, you are opening security holes, because they can write nasty WebDNA to do illicit things to your site (with power comes responsibility).>By the way, I would love to see webcat not let people who have entered>thier password back to the page after theve visited a million other>sites.Not sure what this means, but you can certainly control all aspects of your site based on the [username] and [password] information that the browser sends during each request.Grant Hulbert, V.P. Engineering | ==== eCommerce for the Rest of Us ====Pacific Coast Software | WebCatalog, WebMerchant,11770 Bernardo Plaza Court | SiteEdit Pro, PhotoMaster,San Diego, CA 92128 | Typhoon619/675-1106 Fax: 619/675-0372 | http://www.smithmicro.com/ Associated Messages, from the most recent to the oldest:

Re: Entry point? Security w/ dbase helper? (Grant Hulbert 1997)
Entry point? Security w/ dbase helper? (list@9way.com 1997)

>entry page everytime I click the link to enter store or administer store>it looks for catadmin from the folder Im in,>> dbEDIT/store3/catdmin.tmpl instead of>store3/catadmin.tmplDon't you want a different admin page for each store? Most people want that so they can customize each store, and of course it should administer a separate database for each store. Maybe I don't understand the exact problem.>Also is it possible to have users add to dbases based on their name/pass>then they would go to the right cat?I don't quite follow, but certainly you can force people to 'log on' to your site, and then use some WebDNA to look up which site they should go to based on a field in the users database. What, in human terms, are you trying to accoplish overall on your site?>2 ) Im also considering letting users link to the dbase>helper to convert thier exsiting dbases. Has anyone done this? Could>I limit the tmpls that are created? Is this a huge security risk?>any thoughts?Any time you let users write files to your disk, you are opening security holes, because they can write nasty WebDNA to do illicit things to your site (with power comes responsibility).>By the way, I would love to see webcat not let people who have entered>thier password back to the page after theve visited a million other>sites.Not sure what this means, but you can certainly control all aspects of your site based on the [username] and [password] information that the browser sends during each request.Grant Hulbert, V.P. Engineering | ==== eCommerce for the Rest of Us ====Pacific Coast Software | WebCatalog, WebMerchant,11770 Bernardo Plaza Court | SiteEdit Pro, PhotoMaster,San Diego, CA 92128 | Typhoon619/675-1106 Fax: 619/675-0372 | http://www.smithmicro.com/ Grant Hulbert

DOWNLOAD WEBDNA NOW!

Re: Entry point? Security w/ dbase helper?

1997

Top Articles:

Related Readings: