[FX.php List] * and login

Stephen Knight stephen at fmwebschool.com
Tue Oct 31 19:30:34 MST 2006


Hi Jose,

Thank you for your very kind words.  I have had a lot of request for movies
on FMStudio, and I am very glad that you were able to find a solution using
our product.  I have finally had a few moments to make some of the movies
requested.  The largest one, Site Builder demonstrates a 6 page website
built in just a matter of minutes.  (Includes ability to edit, delete, add,
search, etc...)

Also an important thing to remember is that you can use both FX.php and the
new API for PHP, FMStudio is coded for both :)

The movies are available here:

Site Builder
http://www.fmwebschool.com/movies/fmstudio_user/sitebuilder/sitebuilder.html
Portal Region:
http://www.fmwebschool.com/movies/fmstudio_user/PortalRegion/portals/portals
.html
Single Record Table:
http://www.fmwebschool.com/movies/fmstudio_user/SingleRecordTable/single_rec
_table/single_rec_table.html
Code Hinting and Coloring:
http://www.fmwebschool.com/movies/fmstudio_user/codehint_color/codehint_colo
r/codehint_color.html 

I hope this is helpful!


In Kindness
Stephen K Knight
http://www.fmwebschool.com
800.353.7950 / 386.453.5843
FMWebschool, we bring the web to life 
FX.PHP PHP XML MySQL CDML ASP

CONFIDENTIALITY NOTICE: This Electronic Mail (e-mail) contains confidential
and privileged information intended only for the use of the individual or
entity to which it is sent. If the reader of this message is not the
intended recipient, or the employee or agent responsible for delivery to the
intended recipient, you are hereby notified that any dissemination,
distribution, or copying of this communication is STRICTLY PROHIBITED. If
you have received this communication in error, please immediately notify the
sender by reply e-mail or telephone.

-----Original Message-----
From: fx.php_list-bounces at mail.iviking.org
[mailto:fx.php_list-bounces at mail.iviking.org] On Behalf Of Jose Sevoya
Sent: Tuesday, October 31, 2006 11:19 AM
To: FX.php Discussion List
Subject: Re: [FX.php List] * and login

Hi Alex,

That is quite amazing that we thought of the same things when watching those
movies! As for how it works, I took the liberty of exploring the bundled
files that come with it and it seems that there is a whole file of
functions(FMStudio_Tools.php) that includes some interesting code.
Specifically the disable wildcards code looks like a mix of regular
expressions and a few other string manipulators to achieve proper "\" based
escape sequences.

As for my thoughts on FMStudio, even though I am quite new to PHP and it is
very helpful not needing to write any code at all to make sites
- I am now comfortable enough with PHP to explore the code a bit and I would
say FMStudio is certainly worth it. The main point that I can think of in
your case is that even though you have a good understanding of queries,
making a page with a results table in under
3 minutes can be an amazing time saver. I can see myself using FMStudio to
create a skeleton of a whole project for a client in under an hour and then
be able to tweak specific sections as needed instead of spending hours
creating queries manually on each page.

I was also quite impressed with their support and dedication to answering
some questions I had about working with portals - which turned out to be
extremely simple once I understood the concept of repeating regions in
Dreamweaver.

Best,
Jose

On 10/31/06, Alex Gates <alex at gandrpublishing.com> wrote:
> Jose-
>
> Thanks for your reply... the interesting thing is that I had the idea 
> to try out * after watching the FMStudio videos... and I did see their 
> disable wildcard option - - I'd be curious to see how the "disable 
> wildcard" code looks...
>
> What are your thoughts on FMStudio?  Do you feel that if you have a 
> pretty good understanding of performing queries and working with 
> arrays in php that the FMStudio may not be so helpful?  Or, even if 
> you've become quite familiar with queries and arrays, is FMStudio 
> still worth it?
>
> Alex P. Gates
>
> -----Original Message-----
> From: fx.php_list-bounces at mail.iviking.org
> [mailto:fx.php_list-bounces at mail.iviking.org] On Behalf Of Jose Sevoya
> Sent: Tuesday, October 31, 2006 9:28 AM
> To: FX.php Discussion List
> Subject: Re: [FX.php List] * and login
>
> Hi Alex,
>
> When I read your message I immediately thought of FMStudio by 
> FMWebschool. One of their tutorial videos
> (http://www.fmwebschool.com/movies/fmstudio/login/login.html) shows 
> how to build a login solution. The interesting part is that their 
> product has a "disable wildcards" feature when specifying data 
> received from the user.
>
> I have just tried it with my copy of FMStudio, and what do you know - 
> the * trick it did not work, it has been such a time saver so far!
>
> As for other fields that can be used as wild card matches, there is 
> the "@" character to replace sections of words as well as other 
> special characters. The most secure way is actually to escape the 
> special characters by adding a "\" before them, that would make the * 
> for example a literal '*' character.
>
> Best,
> Jose
>
> On 10/31/06, Alex Gates <alex at gandrpublishing.com> wrote:
> > ggt-
> >
> > The foundcount is 3 - and that's the total number user/pass combos I 
> > have.
> > So, it finds them all.
> >
> > Andy's trick worked - -  Tom's method does, too.
> > Are they both equally secure?
> >
> >
> >
> > Alex P. Gates
> >
> > -----Original Message-----
> > From: fx.php_list-bounces at mail.iviking.org
> > [mailto:fx.php_list-bounces at mail.iviking.org] On Behalf Of Gjermund 
> > Gusland Thorsen
> > Sent: Tuesday, October 31, 2006 7:35 AM
> > To: FX.php Discussion List
> > Subject: Re: [FX.php List] * and login
> >
> > what is then the value of foundCount?
> >
> > ggt667
> >
> > On 10/31/06, Alex Gates <alex at gandrpublishing.com> wrote:
> > > Hi everyone-
> > >
> > > I've realized that my login can easily be compromised!  Thankfully 
> > > I figured this out early in the development process.
> > >
> > > If I enter * for username and * for password, it logs me in as the 
> > > latest registered user.
> > >
> > > This is my search syntax:
> > >
> > >         $lookup=new FX($serverIP,$webCompanionPort,'FMPro7');
> > >         $lookup->SetDBData('Web_Cookbook_Dev.fp7','WebLogin');
> > >         $lookup->SetDBPassword('xxxxxx','xxxxxxxx');
> > >         $lookup->AddDBParam('Username', $username, 'eq');
> > >         $lookup->AddDBParam('Password', $password, 'eq');
> > >         $lookupResult=$lookup->FMFind();
> > >         $foundResult=$lookupResult['foundCount'];
> > >
> > >
> > > I'm sorry if this has been covered - I searched the archives but I 
> > > didn't find anything.
> > >
> > > Is there a way I can modify this search syntax so * can't be used
> for
> > > username and password to log in?
> > >
> > > Wow - I never realized this was a possibility... I just randomly
> tried
> > > it this morning and was shocked at the result...
> > >
> > > Thanks in advance!
> > >
> > > Alex
> > >
> > >
> > > _______________________________________________
> > > FX.php_List mailing list
> > > FX.php_List at mail.iviking.org
> > > http://www.iviking.org/mailman/listinfo/fx.php_list
> > >
> > _______________________________________________
> > FX.php_List mailing list
> > FX.php_List at mail.iviking.org
> > http://www.iviking.org/mailman/listinfo/fx.php_list
> >
> >
> >
> >
> > _______________________________________________
> > FX.php_List mailing list
> > FX.php_List at mail.iviking.org
> > http://www.iviking.org/mailman/listinfo/fx.php_list
> >
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list
>
>
>
>
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list
>
_______________________________________________
FX.php_List mailing list
FX.php_List at mail.iviking.org
http://www.iviking.org/mailman/listinfo/fx.php_list





More information about the FX.php_List mailing list