Re: why am I getting an authenticate dialog with no [protect]?

This WebDNA talk-list message is from

2000


It keeps the original formatting.
numero = 36092
interpreted = N
texte = on 11.08.2000 19:08, Steven Jarvis at sjarvis@nwaonline.net wrote:> ...I'm actually passing an Append command to the db, > and I didn't have Append in the list of allowed non-admin commands, as Chris > Allman suggest. I added Append to that list and the problem is now solved! I recommend NOT to use commands at all. Anybody can alter your database by simply playing with the URL. Of course, in a limited way this is possibly with context's too, but better controllable by the programmer. Meaningful commands in the URL are an invitation for hobby-hackers. They only need some phantasy, experience or a Webcat manual to destroy your site... Peter ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: why am I getting an authenticate dialog with no [protect]? (Steven Jarvis 2000)
  2. Re: why am I getting an authenticate dialog with no [protect]? (WebDNA Support 2000)
  3. Re: why am I getting an authenticate dialog with no [protect]? (Steven Jarvis 2000)
  4. Re: why am I getting an authenticate dialog with no [protect]? (Peter Ostry 2000)
  5. Re: why am I getting an authenticate dialog with no [protect]? (Marty Schmid 2000)
  6. Re: why am I getting an authenticate dialog with no [protect]? (Steven Jarvis 2000)
  7. Re: why am I getting an authenticate dialog with no [protect]? (WebDNA Support 2000)
  8. Re: why am I getting an authenticate dialog with no [protect]? (Steven Jarvis 2000)
  9. Re: why am I getting an authenticate dialog with no [protect]? (WebDNA Support 2000)
  10. Re: why am I getting an authenticate dialog with no [protect]? (Chris Allman 2000)
  11. Re: why am I getting an authenticate dialog with no [protect]? (Steven Jarvis 2000)
  12. Re: why am I getting an authenticate dialog with no [protect]? (Joseph D'Andrea 2000)
  13. why am I getting an authenticate dialog with no [protect]? (Steven Jarvis 2000)
on 11.08.2000 19:08, Steven Jarvis at sjarvis@nwaonline.net wrote:> ...I'm actually passing an Append command to the db, > and I didn't have Append in the list of allowed non-admin commands, as Chris > Allman suggest. I added Append to that list and the problem is now solved! I recommend NOT to use commands at all. Anybody can alter your database by simply playing with the URL. Of course, in a limited way this is possibly with context's too, but better controllable by the programmer. Meaningful commands in the URL are an invitation for hobby-hackers. They only need some phantasy, experience or a Webcat manual to destroy your site... Peter ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Peter Ostry

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

[writefile] and CR's (2001) Email truncation test (1998) WebCatalog for Mac 2.0.1 Released (1997) [WebDNA] Is [math] on a number with too many digits the only (2011) Wanted: More Math Functions (or, Can You Solve This?) (1997) (1998) security (1997) Showif, Hideif reverse logic ? (1997) Auto Submit (2000) WebDNA Feature Request (2006) WebCat2final1 crashes (1997) & in Lookups (1997) carriage returns in data (1997) Generating Report Totals (1997) expansion domain freak out (2003) Form Weirdness (2002) boldwords funky (1998) more info on [setlineitems] (1997) Emailer [cart] file names (1997) I'm tired of all this! (2000)