Re: File Format Validation

This WebDNA talk-list message is from

2005


It keeps the original formatting.
numero = 63375
interpreted = N
texte = 1. I name the file myself on upload when I do the writefile of the form input. I don't use whatever filename the user uploads on the form. 2. This is a simple comparison of the first line to your string. If you have *nix, you can use [shell] to use the head command for the first line of the file for comparison. I don't know an easy way to grab the first line in webdna without loading the db into a template and performing grep or middle. This could present performance issues if the file is large. 3. You can probably do this at the command line in *nix but I've not done it. I don't know an easy way in webdna except by using grep on each line. Something like: [grep search=^(([a-zA-Z0-9]*)\t([a-zA-Z0-9]*)\t([a-zA-Z0-9]*)\t([a-zA-Z0 -9]*))$&replace=$1][theFile][/grep] should work but there will be complications with this in webdna since it will not remove the non-matching lines. You should also consider: a. Validating each field. For instance the you might want the sku field to be unique and to have a value. b. Stripping any javascript, html and webdna. The goal is to prevent an injection attack, i.e. code that you don't want running on your server. c. Making the db inaccessible until it passes all of your validations. d. Letting the user know where the errors were in the file so they can fix. On Nov 8, 2005, at 4:12 PM, Clint Davis wrote: > I'm allowing a client to upload a database file, but I want to verify > certain aspects. I will allow them to upload the file into a holding > area > where I'll perform the various checks below before flushing and > overwriting > the existing database. > > 1. Make sure the file name is EXACTLY ben_dealers.db > 2. Make sure the first line of the DB contains headers > 3. Make sure the file is tab-delimited > > I have the upload code working fine, but I've never done the checks > above. > Anyone have code to share on something like this? ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: File Format Validation ( Clint Davis 2005)
  2. Re: File Format Validation ( William DeVaul 2005)
  3. Re: File Format Validation ( William DeVaul 2005)
  4. Re: File Format Validation ( Clint Davis 2005)
  5. File Format Validation ( Clint Davis 2005)
1. I name the file myself on upload when I do the writefile of the form input. I don't use whatever filename the user uploads on the form. 2. This is a simple comparison of the first line to your string. If you have *nix, you can use [shell] to use the head command for the first line of the file for comparison. I don't know an easy way to grab the first line in webdna without loading the db into a template and performing grep or middle. This could present performance issues if the file is large. 3. You can probably do this at the command line in *nix but I've not done it. I don't know an easy way in webdna except by using grep on each line. Something like: [grep search=^(([a-zA-Z0-9]*)\t([a-zA-Z0-9]*)\t([a-zA-Z0-9]*)\t([a-zA-Z0 -9]*))$&replace=$1][theFile][/grep] should work but there will be complications with this in webdna since it will not remove the non-matching lines. You should also consider: a. Validating each field. For instance the you might want the sku field to be unique and to have a value. b. Stripping any javascript, html and webdna. The goal is to prevent an injection attack, i.e. code that you don't want running on your server. c. Making the db inaccessible until it passes all of your validations. d. Letting the user know where the errors were in the file so they can fix. On Nov 8, 2005, at 4:12 PM, Clint Davis wrote: > I'm allowing a client to upload a database file, but I want to verify > certain aspects. I will allow them to upload the file into a holding > area > where I'll perform the various checks below before flushing and > overwriting > the existing database. > > 1. Make sure the file name is EXACTLY ben_dealers.db > 2. Make sure the first line of the DB contains headers > 3. Make sure the file is tab-delimited > > I have the upload code working fine, but I've never done the checks > above. > Anyone have code to share on something like this? ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ William DeVaul

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Help formatting search results w/ table (1997) WebCat2b13 Mac plugin - [sendmail] and checkboxes (1997) MASTER_STORE revision (2002) [WebDNA] Code Library (2013) E-mailer error codes (1997) Typhoon Rev. and PCS store problems (1999) remove line item (2000) [WebDNA] DE/local problem? Database file could not be found or opened (2011) New Guestbook Source (1997) WebCatalog NT beta 18 now available (1997) Newbie problem blah blah blah (1997) Insert textfields with variables (2000) [WebDNA] max in a search (2009) The word TYPE in search contexts and fields (1998) OT: Let's see your workspace... (2005) RE: HTTP Header info (1997) Error Lob.db records error message not name (1997) Weird WebCatalog problems (1998) WCS Newbie question (1997) TEXT Variable (2003)