[FX.php List] [OFF] Filemaker Web Security?

Joel Shapiro jsfmp at earthlink.net
Fri Sep 5 14:09:34 MDT 2008


Do you mean setting the index language to unicode within FMP field  
definitions?

I realize that that can help with Case-Sensitivity, but how could it  
help with email addresses?  (since the =="xx" seems to allow for  
appropriate use of @ symbols)?

-Joel


On Sep 5, 2008, at 12:43 PM, Gjermund Gusland Thorsen wrote:

> And using unicode for language for the password field as well as
> unicode for the username; if it's an email, also helps.
>
> ggt
>
> 2008/9/5 Troy Meyers <tcmeyers at troymeyers.com>:
>> Joel,
>>
>> Thanks for the acknowledgment. Yes, testing with the two  
>> characters "* is a shocker!
>>
>> -Troy
>>
>>
>>> Whoa, thanks Troy!
>>>
>>> I know this list has bandied about on using double-equal '==' and
>>> quotes, a la:
>>>
>>>   '=="'.$_POST['user_name'].'"'
>>>
>>> as safe for logins, but read Troy's last line (below).  Then try
>>> entering a valid username and then "* (double-quote asterisk) as the
>>> password on a site where you've used that structure!
>>>
>>> It seems using preg_replace() at LEAST to strip double-quotes is
>>> really necessary afterall!
>>>
>>> Thanks Troy,
>>>
>>> -Joel
>>
>> _______________________________________________
>> FX.php_List mailing list
>> FX.php_List at mail.iviking.org
>> http://www.iviking.org/mailman/listinfo/fx.php_list
>>
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list



More information about the FX.php_List mailing list