Re: Undeclared variables

This WebDNA talk-list message is from

2004


It keeps the original formatting.
numero = 57509
interpreted = N
texte = As for the difference. That is insecure variables can be overridden by passing in a value, for example: say you have this in a template: [text show=f&secure=t]name=bob[/text] hi [name] how are you? the value of [name] will be bob unless you change it with another [text] context in your template. if you do this: [text show=f&secure=f]name=bob[/text] hi [name] how are you? someone can visit the URL and pass page.tpl?name=fred and the value in the text variable [name] will show fred not bob. ^^^^ As for when and why I personally care if a variable is secure, it really comes down to how important it is that your variables contain what you think they should. - Charles and someone visits On Apr 26, 2004, at 5:42 AM, Alan White wrote: > on 4/24/04 3:03 AM, charles kline at ckline@rightcode.net wrote: > >> I count on my variables being secure - if the application does not >> require it, then I see no problem with that method at all. > > I know these might sound like a silly questions but in what instances > is it > important to make variables secure and also what is the difference > (other > than the obvious secure and non) between them? > > i.e. > > [text secure=f]var1=[/text] > [text secure=t]var2=[/text] > > Thanks > Alan > > > ------------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > > Web Archive of this list is at: http://webdna.smithmicro.com/ > ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: Undeclared variables ( Brian Fries 2004)
  2. Re: Undeclared variables ( Rob Marquardt 2004)
  3. Re: Undeclared variables ( Alan White 2004)
  4. Re: Undeclared variables ( charles kline 2004)
  5. Re: Undeclared variables ( Alan White 2004)
  6. Re: Undeclared variables ( Terry Wilson 2004)
  7. Re: Undeclared variables ( "WebDna @ Inkblot Media" 2004)
  8. Re: Undeclared variables ( Kenneth Grome 2004)
  9. Re: Undeclared variables ( charles kline 2004)
  10. Re: Undeclared variables ( Kenneth Grome 2004)
  11. Re: Undeclared variables ( charles kline 2004)
  12. Re: Undeclared variables ( Kenneth Grome 2004)
  13. Re: Undeclared variables ( devaulw@onebox.com 2004)
  14. Re: Undeclared variables ( charles kline 2004)
  15. Re: Undeclared variables ( Rob Marquardt 2004)
  16. Undeclared variables ( Terry Wilson 2004)
As for the difference. That is insecure variables can be overridden by passing in a value, for example: say you have this in a template: [text show=f&secure=t]name=bob[/text] hi [name] how are you? the value of [name] will be bob unless you change it with another [text] context in your template. if you do this: [text show=f&secure=f]name=bob[/text] hi [name] how are you? someone can visit the URL and pass page.tpl?name=fred and the value in the text variable [name] will show fred not bob. ^^^^ As for when and why I personally care if a variable is secure, it really comes down to how important it is that your variables contain what you think they should. - Charles and someone visits On Apr 26, 2004, at 5:42 AM, Alan White wrote: > on 4/24/04 3:03 AM, charles kline at ckline@rightcode.net wrote: > >> I count on my variables being secure - if the application does not >> require it, then I see no problem with that method at all. > > I know these might sound like a silly questions but in what instances > is it > important to make variables secure and also what is the difference > (other > than the obvious secure and non) between them? > > i.e. > > [text secure=f]var1=[/text] > [text secure=t]var2=[/text] > > Thanks > Alan > > > ------------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > > Web Archive of this list is at: http://webdna.smithmicro.com/ > ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ charles kline

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

SV: WebCatalog on Windows 98 (2000) Country & Ship-to address & other fields ? (1997) Server problem? (1998) Secure server question (1997) Nested Includes (2001) Does TCPconnect/TCPsend do multiples? (2000) Starting Tomcat from [shell] (2006) possible, WebCat2.0 and checkboxes-restated (1997) PowerKey and PageSentry not playing nice (2000) Any way to retrieve information from clipboard? (1998) [ot] html question (2000) Protect vs Authenicate (1997) process SSI (1998) Windows nt service pack 3 upgrade (1997) [WebDNA] How to Grab link (2014) getting URL variable with '%20' in the variable name (2006) Purchase command error problem (1997) Misunderstanding?? (1997) retail integration (2000) unitshipcost vs shipcosts (1997)