[FX.php List] [OFF] Filemaker Web Security?
Joel Shapiro
jsfmp at earthlink.net
Fri Sep 5 14:09:34 MDT 2008
Do you mean setting the index language to unicode within FMP field
definitions?
I realize that that can help with Case-Sensitivity, but how could it
help with email addresses? (since the =="xx" seems to allow for
appropriate use of @ symbols)?
-Joel
On Sep 5, 2008, at 12:43 PM, Gjermund Gusland Thorsen wrote:
> And using unicode for language for the password field as well as
> unicode for the username; if it's an email, also helps.
>
> ggt
>
> 2008/9/5 Troy Meyers <tcmeyers at troymeyers.com>:
>> Joel,
>>
>> Thanks for the acknowledgment. Yes, testing with the two
>> characters "* is a shocker!
>>
>> -Troy
>>
>>
>>> Whoa, thanks Troy!
>>>
>>> I know this list has bandied about on using double-equal '==' and
>>> quotes, a la:
>>>
>>> '=="'.$_POST['user_name'].'"'
>>>
>>> as safe for logins, but read Troy's last line (below). Then try
>>> entering a valid username and then "* (double-quote asterisk) as the
>>> password on a site where you've used that structure!
>>>
>>> It seems using preg_replace() at LEAST to strip double-quotes is
>>> really necessary afterall!
>>>
>>> Thanks Troy,
>>>
>>> -Joel
>>
>> _______________________________________________
>> FX.php_List mailing list
>> FX.php_List at mail.iviking.org
>> http://www.iviking.org/mailman/listinfo/fx.php_list
>>
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list
More information about the FX.php_List
mailing list