Re: Where is the secure setting for text variables?

This WebDNA talk-list message is from

2003


It keeps the original formatting.
numero = 54709
interpreted = N
texte = On 12/6/03 2:22 AM, "CN Stuff" wrote: > I was thinking I could pass something from the previous page that was > required on the posted page I could somehow thwart this loser. I guess > I will just go with the referrer. > > Thanks > > Dale Dale if you really want to stop this try this logic. On the submittal page, have a search tag that searches a key database. The database is simple.. One field SKU KEY 1 23456787654 That's it. The number is random. Set a trigger to be called say every 30 minutes or so that just calls a page that simply does 2 things: replaces sku record 1 with a random number. The replaces a key.inc that sits in globals or somewhere standard for you with the same number. Then on the form page the inc file is inserted into a variable and on the submittal the search string simply checks the key db against the value of the key.inc Whalla randomly rotating key number that updates itself automatically. There is a very small chance that someone who got the form before the number changed when submitting it would get a mismatched number. This is easily resolved, if you're really concerned about it, by simply using 2 numbers in the key.db. The 1 sku is the new number, and the 2 sku is the 1 sku moved down as number one is changed. This guarantees you will never get mismatched failure and it is pretty much as simple and secure. HTH Alex Alex J McCombie New World Media Chief Information Officer Box 124 888/892.6379 MartVille, NY 13111 Alex@NewWorldMedia.com http://OurClients.com Interface Designer WebDNA Programmer Database Designer ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: Where is the secure setting for text variables? ( "Dan Strong" 2003)
  2. Re: Where is the secure setting for text variables? ( CN Stuff 2003)
  3. Re: Where is the secure setting for text variables? ( Donovan Brooke 2003)
  4. Re: Where is the secure setting for text variables? ( Donovan Brooke 2003)
  5. Re: Where is the secure setting for text variables? ( John Peacock 2003)
  6. Re: Where is the secure setting for text variables? ( Glenn Busbin 2003)
  7. Re: Where is the secure setting for text variables? ( Brian Fries 2003)
  8. Re: Where is the secure setting for text variables? ( "Dan Strong" 2003)
  9. Re: Where is the secure setting for text variables? ( Alex McCombie 2003)
  10. Re: Where is the secure setting for text variables? ( Terry Wilson 2003)
  11. Re: Where is the secure setting for text variables? ( CN Stuff 2003)
  12. Re: Where is the secure setting for text variables? ( "Dan Strong" 2003)
  13. Re: Where is the secure setting for text variables? ( Jesse Proudman 2003)
  14. Where is the secure setting for text variables? ( CN Stuff 2003)
On 12/6/03 2:22 AM, "CN Stuff" wrote: > I was thinking I could pass something from the previous page that was > required on the posted page I could somehow thwart this loser. I guess > I will just go with the referrer. > > Thanks > > Dale Dale if you really want to stop this try this logic. On the submittal page, have a search tag that searches a key database. The database is simple.. One field SKU KEY 1 23456787654 That's it. The number is random. Set a trigger to be called say every 30 minutes or so that just calls a page that simply does 2 things: replaces sku record 1 with a random number. The replaces a key.inc that sits in globals or somewhere standard for you with the same number. Then on the form page the inc file is inserted into a variable and on the submittal the search string simply checks the key db against the value of the key.inc Whalla randomly rotating key number that updates itself automatically. There is a very small chance that someone who got the form before the number changed when submitting it would get a mismatched number. This is easily resolved, if you're really concerned about it, by simply using 2 numbers in the key.db. The 1 sku is the new number, and the 2 sku is the 1 sku moved down as number one is changed. This guarantees you will never get mismatched failure and it is pretty much as simple and secure. HTH Alex Alex J McCombie New World Media Chief Information Officer Box 124 888/892.6379 MartVille, NY 13111 Alex@NewWorldMedia.com http://OurClients.com Interface Designer WebDNA Programmer Database Designer ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Alex McCombie

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Showing unopened cart (1997) webcat2b12 CGI -- Date comparisons (1997) Shipping rate x Quantity solution needed (2000) Exists? (1997) How to append text after the sign & (1997) 2.0Beta Command Ref (can't find this instruction) (1997) One more browser problem to watch out for... (1997) unable to launch acgi in WebCat (1997) Generating a random image, but avoiding repeated images. (1999) Search group and ww (2003) ooops...WebCatalog [FoundItems] Problem - LONG - (1997) [WebDNA] export db data for importing into Microsoft Outlook calendar? (2011) grouped fields? (1999) spreadsheet interface (1998) How To question on setting up downloads (1997) too many nested tags ... (1997) Forumulas.db & Variables (2002) international time (1997) auto adding SKUs w/DB helper (1998) WebCat2b12 Mac.acgi--[searchstring] bug (1997)