Re: where to put code
This WebDNA talk-list message is from 1998
It keeps the original formatting.
numero = 19326
interpreted = N
texte = >I personally prefer to use the context method on resulting pages. There I>can see the code at once, which makes it easier to understand. Anyway - I>do not like these long ugly URL's... And if one uses Replace or Delete>in a link, then this command has to be allowed for user input and therefore>some funny guy can destroy the database by simply playing with the URL.>There can be situation when commands in th URL make sense, but my personal>recommendation is to use contexts like [search...] on the target page>whenever you can.I agree. I do so myself. I have gone so far as disabling ALL URL commands except for ShowPage, and added a WebStar Realm with a .db match string for even more security.Of course that this has forced me to change a lot of code in the General Store, but I feel much safer this way...Now, if I could only disable certain commands, like [AppleScript], I would be happier still.Charles_______________________________________________________________Institut Balear de Comunicacions, S.L.Gremio Tejedores 22, 107009 Palma de Mallorca, Spain_____________________________________________Tel: +34 971.43.12.77Fax: +34 971.43.08.18 E-mail: ckefauver@ibacom.esURL: http://www.ibacom.es/_____________________________________________Public PGP signature (Clave publica PGP):http://www.ibacom.es/PGP/kefauver.txt_______________________________________________________________
Associated Messages, from the most recent to the oldest:
>I personally prefer to use the context method on resulting pages. There I>can see the code at once, which makes it easier to understand. Anyway - I>do not like these long ugly URL's... And if one uses Replace or Delete>in a link, then this command has to be allowed for user input and therefore>some funny guy can destroy the database by simply playing with the URL.>There can be situation when commands in th URL make sense, but my personal>recommendation is to use contexts like [search...] on the target page>whenever you can.I agree. I do so myself. I have gone so far as disabling ALL URL commands except for ShowPage, and added a WebStar Realm with a .db match string for even more security.Of course that this has forced me to change a lot of code in the General Store, but I feel much safer this way...Now, if I could only disable certain commands, like [AppleScript], I would be happier still.Charles_______________________________________________________________Institut Balear de Comunicacions, S.L.Gremio Tejedores 22, 107009 Palma de Mallorca, Spain_____________________________________________Tel: +34 971.43.12.77Fax: +34 971.43.08.18 E-mail: ckefauver@ibacom.esURL: http://www.ibacom.es/_____________________________________________Public PGP signature (Clave publica PGP):http://www.ibacom.es/PGP/kefauver.txt_______________________________________________________________
Charles Kefauver
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
Ads.db (1997)
popups, netscape vs explorer (1997)
WebCat chatroom/hyperboard (1997)
[WebDNA] [OT] Apple iPad (2010)
Forcing Paragraph Breaks on Results (1998)
Sorting problem (2002)
2.1 Stuff (1998)
[WebDNA] Cookies & localhost (2008)
Install Webcatalog under NT4.0 and Microsoft IIS 2.0 (1997)
WebCatalog2 Feature Feedback (1996)
Re:no template caching (1997)
Cookies and webcat (1997)
WebCat2 - [format thousands] (1997)
[lookup] [search] Issue (2005)
Cookie still not working (1999)
[SearchString] (1998)
Sort Order on a page search (1997)
WebCatalog for Postcards ? (1997)
Further tests with the infamous shipCost (1997)
Fwd: Problems with Webcatalog Plug-in (1997)