Re: Undeclared variables
This WebDNA talk-list message is from 2004
It keeps the original formatting.
numero = 57509
interpreted = N
texte = As for the difference. That is insecure variables can be overridden by passing in a value, for example:say you have this in a template:[text show=f&secure=t]name=bob[/text]hi [name] how are you?the value of [name] will be bob unless you change it with another [text] context in your template.if you do this:[text show=f&secure=f]name=bob[/text]hi [name] how are you?someone can visit the URL and passpage.tpl?name=fredand the value in the text variable [name] will show fred not bob. ^^^^As for when and why I personally care if a variable is secure, it really comes down to how important it is that your variables contain what you think they should.- Charlesand someone visitsOn Apr 26, 2004, at 5:42 AM, Alan White wrote:> on 4/24/04 3:03 AM, charles kline at ckline@rightcode.net wrote:>>> I count on my variables being secure - if the application does not>> require it, then I see no problem with that method at all.>> I know these might sound like a silly questions but in what instances > is it> important to make variables secure and also what is the difference > (other> than the obvious secure and non) between them?>> i.e.>> [text secure=f]var1=[/text]> [text secure=t]var2=[/text]>> Thanks> Alan>>> -------------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list
.> To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > > Web Archive of this list is at: http://webdna.smithmicro.com/>-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Associated Messages, from the most recent to the oldest:
As for the difference. That is insecure variables can be overridden by passing in a value, for example:say you have this in a template:[text show=f&secure=t]name=bob[/text]hi [name] how are you?the value of [name] will be bob unless you change it with another [text] context in your template.if you do this:[text show=f&secure=f]name=bob[/text]hi [name] how are you?someone can visit the URL and passpage.tpl?name=fredand the value in the text variable [name] will show fred not bob. ^^^^As for when and why I personally care if a variable is secure, it really comes down to how important it is that your variables contain what you think they should.- Charlesand someone visitsOn Apr 26, 2004, at 5:42 AM, Alan White wrote:> on 4/24/04 3:03 AM, charles kline at ckline@rightcode.net wrote:>>> I count on my variables being secure - if the application does not>> require it, then I see no problem with that method at all.>> I know these might sound like a silly questions but in what instances > is it> important to make variables secure and also what is the difference > (other> than the obvious secure and non) between them?>> i.e.>> [text secure=f]var1=[/text]> [text secure=t]var2=[/text]>> Thanks> Alan>>> -------------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > > Web Archive of this list is at: http://webdna.smithmicro.com/>-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
charles kline
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
SV: WebCatalog on Windows 98 (2000)
Country & Ship-to address & other fields ? (1997)
Server problem? (1998)
Secure server question (1997)
Nested Includes (2001)
Does TCPconnect/TCPsend do multiples? (2000)
Starting Tomcat from [shell] (2006)
possible, WebCat2.0 and checkboxes-restated (1997)
PowerKey and PageSentry not playing nice (2000)
Any way to retrieve information from clipboard? (1998)
[ot] html question (2000)
Protect vs Authenicate (1997)
process SSI (1998)
Windows nt service pack 3 upgrade (1997)
[WebDNA] How to Grab link (2014)
getting URL variable with '%20' in the variable name (2006)
Purchase command error problem (1997)
Misunderstanding?? (1997)
retail integration (2000)
unitshipcost vs shipcosts (1997)