Strange search/writefile issue

This WebDNA talk-list message is from

2004

It keeps the original formatting. numero = 55593
interpreted = N
texte = I have a strange write file and searching issue that maybe someone can shed some light on. I pass a variable called manufid in the URL. It has the format "123123 12312" without the quotes, i.e. some numbers, a space and more numbers. When it is loaded on the next page, it appears in the address location with the %20 for the space. I know that's normal and it has always worked fine. Here's where it gets a little weird. If there is a file with that manufid, nothing is supposed to happen. If the manufid does not exist, a small text file gets written named with the manufid and containing a list of links for that manufid based on a search. Now for the manufids I'm worried about, the files have existed and should not be rewritten. However it appears that some has changed the %20 to %2B. I know this because the *links* in the new manufid file have the %2B and the search appears to be partially working. I say partially because the links are ranges of results from "item 1" to "item 100" by 100 at a time. The number of ranges is correct, but the name for item 1 and item 100 are blank. What's weird is that the %2B character should translate into a "+" character and not a space. But the new manufid file gets written with a space and thus overwrites the old file eventhough it should not if the file already exists! In fact, I wouldn't care if the "hacked URL" files were written, but they are overwriting my good files. Manufid is used consistently throughout the page. I can't understand why happens. Is Windows converting the %2B to a space in the filename? I can upload files with a + via FTP. Is WebDNA stripping this character from the filename? I've now trapped the %2B to always convert to %20 so it can't happen any more, but why would this happen at all? When I noticed this, I started playing with the URL and changed the %20 to a %2B. It overwrote the old file. When I changed the %2B back and reloaded the page, it did not overwrite the old file, but when I deleted the new file and reloaded the page, the template made a new file that was correct. Whew!This is on a Windows server with WebDNA 5.1. Any thoughts on what is happening and how to code around it in the future? What I think is happening is that someone figured out how to overwrite files by changing a single character in the URL and has done this for many files on my server. I've at least trapped this for now by grepping out the %2B to %20. If I need to post some code, I'll have to clean it up first. Bill-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

Strange search/writefile issue ( devaulw@onebox.com 2004)

I have a strange write file and searching issue that maybe someone can shed some light on. I pass a variable called manufid in the URL. It has the format "123123 12312" without the quotes, i.e. some numbers, a space and more numbers. When it is loaded on the next page, it appears in the address location with the %20 for the space. I know that's normal and it has always worked fine. Here's where it gets a little weird. If there is a file with that manufid, nothing is supposed to happen. If the manufid does not exist, a small text file gets written named with the manufid and containing a list of links for that manufid based on a search. Now for the manufids I'm worried about, the files have existed and should not be rewritten. However it appears that some has changed the %20 to %2B. I know this because the *links* in the new manufid file have the %2B and the search appears to be partially working. I say partially because the links are ranges of results from "item 1" to "item 100" by 100 at a time. The number of ranges is correct, but the name for item 1 and item 100 are blank. What's weird is that the %2B character should translate into a "+" character and not a space. But the new manufid file gets written with a space and thus overwrites the old file eventhough it should not if the file already exists! In fact, I wouldn't care if the "hacked URL" files were written, but they are overwriting my good files. Manufid is used consistently throughout the page. I can't understand why happens. Is Windows converting the %2B to a space in the filename? I can upload files with a + via FTP. Is WebDNA stripping this character from the filename? I've now trapped the %2B to always convert to %20 so it can't happen any more, but why would this happen at all? When I noticed this, I started playing with the URL and changed the %20 to a %2B. It overwrote the old file. When I changed the %2B back and reloaded the page, it did not overwrite the old file, but when I deleted the new file and reloaded the page, the template made a new file that was correct. Whew!This is on a Windows server with WebDNA 5.1. Any thoughts on what is happening and how to code around it in the future? What I think is happening is that someone figured out how to overwrite files by changing a single character in the URL and has done this for many files on my server. I've at least trapped this for now by grepping out the %2B to %20. If I need to post some code, I'll have to clean it up first. Bill-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ devaulw@onebox.com

DOWNLOAD WEBDNA NOW!

Strange search/writefile issue

2004

Top Articles:

Related Readings: