Re: [listfiles] anomaly

This WebDNA talk-list message is from

2003


It keeps the original formatting.
numero = 50123
interpreted = N
texte = In the words of homer simpson: doh!On 5/7/03 1:02 PM, Joe D'Andrea wrote:> Couldn't figure out whether to label this an exploit, bug, oversight > or what... so I settled on anomaly. > > Put this in a template: > > [listfiles] > [filename] > [/listfiles] > > And you will get a list of the files in your WebSTAR root folder. It > doesn't matter where on your server you put the template, you will > always get a list of files in the W* root. > > Clearly, there is some coder error here as I left out the required > path= parameter. But since the docs clearly say that path= is a > required parameter, shouldn't WebCat protect me from myself when I > don't include a required parameter? > > I'm using w*4/macos9/wcat4.5, but what happens if a v5 sandbox user > leaves out the required parameter? Do they get access to stuff they > shouldn't? > > ~joe > ----------------------------- Daniel Schutzsmith Senior Web Developer Berlin Productions, Inc. dan@berlinprod.com http://www.berlinprod.com (914) 683-5759 (914) 683-5751 fax ----------------------------- ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: [listfiles] anomaly (Rob Marquardt 2003)
  2. Re: [listfiles] anomaly (Gary Krockover 2003)
  3. Re: [listfiles] anomaly (Daniel Schutzsmith 2003)
  4. [listfiles] anomaly (Joe D'Andrea 2003)
In the words of homer simpson: doh!On 5/7/03 1:02 PM, Joe D'Andrea wrote:> Couldn't figure out whether to label this an exploit, bug, oversight > or what... so I settled on anomaly. > > Put this in a template: > > [listfiles] > [filename] > [/listfiles] > > And you will get a list of the files in your WebSTAR root folder. It > doesn't matter where on your server you put the template, you will > always get a list of files in the W* root. > > Clearly, there is some coder error here as I left out the required > path= parameter. But since the docs clearly say that path= is a > required parameter, shouldn't WebCat protect me from myself when I > don't include a required parameter? > > I'm using w*4/macos9/wcat4.5, but what happens if a v5 sandbox user > leaves out the required parameter? Do they get access to stuff they > shouldn't? > > ~joe > ----------------------------- Daniel Schutzsmith Senior Web Developer Berlin Productions, Inc. dan@berlinprod.com http://www.berlinprod.com (914) 683-5759 (914) 683-5751 fax ----------------------------- ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Daniel Schutzsmith

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Summing fields (1997) Semi OT: vbulletin and # viewing - how do that do that? (2003) Help name our technology! (1997) Two prices in shoppingcart? (1997) passing search criteria (1997) Webcatalog quitting (1997) New Plug-in and Type 11 errors (1997) Webcat no longer supported? (2006) Inventory lookup & display... (2003) Replace Statement (1997) Letters as SKU (1998) emailer (1997) still facing truncated [texta] problem (2000) How far do [showif]s go? (1997) [lookup] is case-sensitive, [lookup] is case sensitive... (2003) [WebDNA] Sort by Row (2017) Make sure I understand this??? (1997) WebCatalog can't find database (1997) links page (2002) webdna users.db (2005)