Re: secret [cmd] variable?

This WebDNA talk-list message is from

2004


It keeps the original formatting.
numero = 59957
interpreted = N
texte = Cmd is short for command. If you look in the WebCat Admin, there is a section that says Only the following commands may be issued by non-administrators ShowPage, Search, FlushCache, ShowCart, Add, Remove, NewCart, Purchase, NewCartSearch, Clear That is why you get the Authentication Box. If all commands are allowed, someone could issue the delete command on one of your databases and wipe it out right from the browser. They would have to know where it was located and the name of the db but that would not be hard to figure out in a StoreBuilder site. Sal D'Anna -----Original Message----- From: WebDNA Talk [mailto:WebDNA-Talk@talk.smithmicro.com] On Behalf Of Terry Wilson Sent: Tuesday, November 09, 2004 11:11 AM To: WebDNA Talk Subject: secret [cmd] variable? I stumbled upon something rather interesting today. In trying to test the results in a PayPal submit/return form without actually submitting to PayPal, I changed the form tag to go to my landing page instead of PayPal. I kept getting a browser authentication box, and narrowed it down to: I ran some experiments, and if its value is "T" or "F", you get a "Webcat doesn't understand the command "T" (or "F"). Anything else I tried throws up the authentication box (and BTW I don't have any realm protection on that directory). What's up with this secret variable name? Terry ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: secret [cmd] variable? ( Terry Wilson 2004)
  2. Re: secret [cmd] variable? ( Kenneth Grome 2004)
  3. Re: secret [cmd] variable? ( "Sal D'Anna" 2004)
  4. Re: secret [cmd] variable? ( "WebDna @ Inkblot Media" 2004)
  5. secret [cmd] variable? ( Terry Wilson 2004)
Cmd is short for command. If you look in the WebCat Admin, there is a section that says Only the following commands may be issued by non-administrators ShowPage, Search, FlushCache, ShowCart, Add, Remove, NewCart, Purchase, NewCartSearch, Clear That is why you get the Authentication Box. If all commands are allowed, someone could issue the delete command on one of your databases and wipe it out right from the browser. They would have to know where it was located and the name of the db but that would not be hard to figure out in a StoreBuilder site. Sal D'Anna -----Original Message----- From: WebDNA Talk [mailto:WebDNA-Talk@talk.smithmicro.com] On Behalf Of Terry Wilson Sent: Tuesday, November 09, 2004 11:11 AM To: WebDNA Talk Subject: secret [cmd] variable? I stumbled upon something rather interesting today. In trying to test the results in a PayPal submit/return form without actually submitting to PayPal, I changed the form tag to go to my landing page instead of PayPal. I kept getting a browser authentication box, and narrowed it down to: I ran some experiments, and if its value is "T" or "F", you get a "Webcat doesn't understand the command "T" (or "F"). Anything else I tried throws up the authentication box (and BTW I don't have any realm protection on that directory). What's up with this secret variable name? Terry ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ "Sal D'Anna"

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Subtotal Not Calculated on Invoice.html (1998) database visibility (2000) tcpconnect timeout with Authorizenet (2003) Why are some admin pages not encrypted? (2000) credit card (1997) # fields limited? (1997) RE: Questions To Answer (1997) POSTing to a secure server ... (2000) Country & Ship-to address & other fields ? (1997) [shownext] and descending order (1997) [item] appears after 'remove last item' ... (1997) syntax question, not in online refernce (1997) [WebDNA] Triggers not working (2014) triggers.db (1999) ShipCosts database (1997) Amusement (2004) WebCat Problem? (1999) multiple selected Checkboxes (1998) Browser Problem?!? POST forms and NN 4.0+ browsers (1997) carriage returns in data (1997)