Re: where to put code

This WebDNA talk-list message is from

1998


It keeps the original formatting.
numero = 19326
interpreted = N
texte = >I personally prefer to use the context method on resulting pages. There I >can see the code at once, which makes it easier to understand. Anyway - I >do not like these long ugly URL's... And if one uses Replace or Delete >in a link, then this command has to be allowed for user input and therefore >some funny guy can destroy the database by simply playing with the URL. >There can be situation when commands in th URL make sense, but my personal >recommendation is to use contexts like [search...] on the target page >whenever you can.I agree. I do so myself. I have gone so far as disabling ALL URL commands except for ShowPage, and added a WebStar Realm with a .db match string for even more security.Of course that this has forced me to change a lot of code in the General Store, but I feel much safer this way...Now, if I could only disable certain commands, like [AppleScript], I would be happier still.Charles_______________________________________________________________ Institut Balear de Comunicacions, S.L. Gremio Tejedores 22, 1 07009 Palma de Mallorca, Spain _____________________________________________ Tel: +34 971.43.12.77 Fax: +34 971.43.08.18 E-mail: ckefauver@ibacom.es URL: http://www.ibacom.es/ _____________________________________________ Public PGP signature (Clave publica PGP): http://www.ibacom.es/PGP/kefauver.txt _______________________________________________________________ Associated Messages, from the most recent to the oldest:

    
  1. Re: where to put code (Paul Uttermohlen 1998)
  2. Re: where to put code (Charles Kefauver 1998)
  3. Re: where to put code (Dave MacLeay 1998)
  4. Re: where to put code (Peter Ostry 1998)
  5. Re: where to put code (Charles Kefauver 1998)
  6. Re: where to put code (Kenneth Grome 1998)
  7. Re: where to put code (Kenneth Grome 1998)
  8. Re: where to put code (Kevin Furuta 1998)
  9. Re: where to put code (John Hill 1998)
  10. Re: where to put code (Sue Ann Sanders 1998)
  11. Re: where to put code (Sue Ann Sanders 1998)
  12. Re: where to put code (Peter Ostry 1998)
  13. Re: where to put code (Kenneth Grome 1998)
  14. where to put code (Sue Ann Sanders 1998)
>I personally prefer to use the context method on resulting pages. There I >can see the code at once, which makes it easier to understand. Anyway - I >do not like these long ugly URL's... And if one uses Replace or Delete >in a link, then this command has to be allowed for user input and therefore >some funny guy can destroy the database by simply playing with the URL. >There can be situation when commands in th URL make sense, but my personal >recommendation is to use contexts like [search...] on the target page >whenever you can.I agree. I do so myself. I have gone so far as disabling ALL URL commands except for ShowPage, and added a WebStar Realm with a .db match string for even more security.Of course that this has forced me to change a lot of code in the General Store, but I feel much safer this way...Now, if I could only disable certain commands, like [AppleScript], I would be happier still.Charles_______________________________________________________________ Institut Balear de Comunicacions, S.L. Gremio Tejedores 22, 1 07009 Palma de Mallorca, Spain _____________________________________________ Tel: +34 971.43.12.77 Fax: +34 971.43.08.18 E-mail: ckefauver@ibacom.es URL: http://www.ibacom.es/ _____________________________________________ Public PGP signature (Clave publica PGP): http://www.ibacom.es/PGP/kefauver.txt _______________________________________________________________ Charles Kefauver

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Success Stories (1997) Understanding texta (1997) Database Security (1998) New reserved words for [tags] (2000) [WebDNA] Session timeout solution (2010) Incompatibility with WebCat 3 templates ... (2000) WebCatalog [FoundItems] Problem - AGAIN - (1997) Emailer setup (1997) SSL and Webstar 3 with Webcatalog (1998) [OT] WebDNA and MyODBC (2003) [WebDNA] 64-bit Debian 6 with Lighttpd and WebDNA 7.1 (2012) WebCat Contest (1998) Re:2nd WebCatalog2 Feature Request (1996) Extended [ConvertChars] (1997) Adding Multiple Items to Shopping Cart from a Results page (1997) 404 error -- but wc code executes... (2001) [WebDNA] Multiplication Math Test (2008) about this server and links to who (1997) Forms Search Questions (1997) Requiring that certain fields be completed (1997)