Re: Re[2]: Re[3]: Problem with new formvariables

This WebDNA talk-list message is from

2000


It keeps the original formatting.
numero = 31221
interpreted = N
texte = Then we should use this hierarchy: - WebCatalog Internal Variables (i.e. [ipaddress]) - Text Secure [text] Variables - Passed Variables (i.e. [cart]) - Normal [text] Variables? Jesse Proudman - NineWire Productions http://www.ninewire.com <-> jesse@ninewire.com Innovative and Creative Web Design and Hosting> -----Original Message----- > From: webcatalog-beta@talk.smithmicro.com > [mailto:webcatalog-beta@talk.smithmicro.com]On Behalf Of > jpeacock@univpress.com > Sent: Tuesday, May 02, 2000 12:20 PM > To: webcatalog-beta@talk.smithmicro.com > Subject: Re[2]: Re[3]: Problem with new formvariables > > > Jesse - > > The only sensible level of security is one that you have to > explicitly _opt out > of_, not remember to enable. And the discussion at hand is not whether > variables defined within a template could be locked, but rather whether > variables passed as part of the command line could override > variables on the > template. > > i.e. index.shtml?ipaddress=10.0.0.1 > > currently overrides the system variable [ipaddress], which is > _highly_ insecure. > This can be rightly considered to be a bugfix, not an upgrade. > > John Peacock > > > ____________________Reply Separator____________________ > Subject: Re: Re[3]: Problem with new formvariables > Author: > Date: 5/2/2000 11:02 AM > > Are you saying that if you had: > > [text secure=t]SecureVar=T[/text] > [text]Securevar=f[/text] > > that the value would get to F? but it would be secure. > > The only way to change secure vars should be: > > [text secure=t]securevar=t[/text] > [text secure=t]securevar=f[/text] > > > Jesse Proudman - NineWire Productions > http://www.ninewire.com <-> jesse@ninewire.com > Innovative and Creative Web Design and Hosting > > > ############################################################# > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > > To switch to the INDEX mode, E-mail to > > Send administrative queries to > > ############################################################# This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to To switch to the INDEX mode, E-mail to Send administrative queries to Associated Messages, from the most recent to the oldest:

    
  1. Re[2]: Re[3]: Problem with new formvariables (jpeacock@univpress.com 2000)
  2. Re[2]: Re[3]: Problem with new formvariables (jpeacock@univpress.com 2000)
  3. Re: Re[2]: Re[3]: Problem with new formvariables (Jesse Proudman 2000)
Then we should use this hierarchy: - WebCatalog Internal Variables (i.e. [ipaddress]) - Text Secure [text] Variables - Passed Variables (i.e. [cart]) - Normal [text] Variables? Jesse Proudman - NineWire Productions http://www.ninewire.com <-> jesse@ninewire.com Innovative and Creative Web Design and Hosting> -----Original Message----- > From: webcatalog-beta@talk.smithmicro.com > [mailto:webcatalog-beta@talk.smithmicro.com]On Behalf Of > jpeacock@univpress.com > Sent: Tuesday, May 02, 2000 12:20 PM > To: webcatalog-beta@talk.smithmicro.com > Subject: Re[2]: Re[3]: Problem with new formvariables > > > Jesse - > > The only sensible level of security is one that you have to > explicitly _opt out > of_, not remember to enable. And the discussion at hand is not whether > variables defined within a template could be locked, but rather whether > variables passed as part of the command line could override > variables on the > template. > > i.e. index.shtml?ipaddress=10.0.0.1 > > currently overrides the system variable [ipaddress], which is > _highly_ insecure. > This can be rightly considered to be a bugfix, not an upgrade. > > John Peacock > > > ____________________Reply Separator____________________ > Subject: Re: Re[3]: Problem with new formvariables > Author: > Date: 5/2/2000 11:02 AM > > Are you saying that if you had: > > [text secure=t]SecureVar=T[/text] > [text]Securevar=f[/text] > > that the value would get to F? but it would be secure. > > The only way to change secure vars should be: > > [text secure=t]securevar=t[/text] > [text secure=t]securevar=f[/text] > > > Jesse Proudman - NineWire Productions > http://www.ninewire.com <-> jesse@ninewire.com > Innovative and Creative Web Design and Hosting > > > ############################################################# > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > > To switch to the INDEX mode, E-mail to > > Send administrative queries to > > ############################################################# This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to To switch to the INDEX mode, E-mail to Send administrative queries to Jesse Proudman

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

WebCat2b13MacPlugIn - More limits on [include] (1997) Large founditems loops (2000) Major bug report on rootbeer (1997) sendmail and accented characters (1998) Setting up WebCatalog with Retail Pro data (1996) Almost a there but..bye bye NetCloak (1997) Quick poll (2003) Searching for all records (1998) Applescript, WebDNA, and PDF (1997) WebDelivery downloads alias, not original ? (1997) So [OT] it's not even funny (2003) WebCatalog.acgi quitting with error Type 2 (1998) WebMerchant Error (1998) Snake Bites (1997) WebCat2b13MacPlugin - [math][date][/math] problem (1997) RE: OK, here goes... (1997) [isfile] ? (1997) emailer w/F2 (1997) New NT beta available (1997) Unexpected error (1997)