Archive of UserLand's first discussion group, started October 5, 1998.

Re: Source release of Prefs.UserLand.Com

Author:Eric Soroos
Posted:5/18/1999; 10:28:24 PM
Topic:Source release of Prefs.UserLand.Com
Msg #:6457 (In response to 6265)
Prev/Next:6456 / 6458

A couple of thoughts:

  1. It would be nice to be able to edit prefs anywhere in an odb. Perhaps it would be possible to have an optional parameter in the panel declaration.
  2. It would also be nice (or necessary, depending on your answer to the first item) to verify the incoming post args against the addresses in the wizard panel list. As it stands right now, I think I can create an arbitrary entry in my member table. It's not that much of a security hole right now, since all I can do is mess my own prefs up.

    Looking at the code (prefsSite.default), it seems that you'd need to move the if method==post block inside the area that has adrWizzard in scope. Then if your partialAddress == one of the item./atts.address, process the directive.


This page was archived on 6/13/2001; 4:50:17 PM.

© Copyright 1998-2001 UserLand Software, Inc.