[Date Prev][Date Next][Thread Prev][Thread Next][Interchange by date ][Interchange by thread ]

[ic] Re: [include pages/[mv_arg] ]

Subject: [ic] Re: [include pages/[mv_arg] ]
From: interchange-users@icdevgroup.org (Rene Hertell)
Date: Fri Sep 6 05:09:03 2002
In-reply-to: <E17nEAK-0008C5-00@mustang.cobolt.net>

> You should be more security aware !! The user can view any file
> in your catalog tree with the above code, e.g
> mv_arg=../products/access.asc

True, I did not think of that. But luckily this variable is not viewable in
the URL, because I use it in a redirecting actionmap (and the variable is
named something else as in my question :)

This is also a temporary solution. I had to find out a fast way in
converting an old site into a "Powered by Interchange" site. Later on I'll
add that included-stuff into a db.

Follow-Ups:
- [ic] Re: [include pages/[mv_arg] ]
  - From: interchange-users@icdevgroup.org (interchange-users@icdevgroup.org)

References:
- [ic] Re: [include pages/[mv_arg] ]
  - From: interchange-users@icdevgroup.org (interchange-users@icdevgroup.org)

Prev by Date: [ic] Re: [include pages/[mv_arg] ]
Next by Date: [ic] Re: Track Product Views
Previous by thread: [ic] Re: [include pages/[mv_arg] ]
Next by thread: [ic] Re: [include pages/[mv_arg] ]
Index(es):
- Date
- Thread