U++ forum: Welcome to the forum

Status & Roadmap

Authors & License

Funding Ultimate++

Search on this site

Search in forums

Home » Developing U++ » U++ Developers corner » Skylark reaching "beta" status, first 6 chapters of tutorial available..

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Return to the default flat view

Create a new topic

Submit Reply

Re: Skylark reaching "beta" status, first 6 chapters of tutorial available.. [message #36824 is a reply to message #36822]

Mon, 09 July 2012 19:28

mirek is currently offline

mirek
Messages: 13975
Registered: November 2005

Ultimate Member

zsolt wrote on Mon, 09 July 2012 10:03

Thanks Mirek!
Very valuable work.

One note: isn't it a security hole to get session variables using Http::operator[]? I can imagine a situation where user posts something with the name of the session variable, modifying its value.
It can be harmful if the user changes e.g. his/her user id in a web based system this way.

You have got me thinking, but fortunately this is not the case:

HTTP request values are put into shared variable space first, then the session is loaded, overwritting the same variables with session values.

Means: what is set by SessionSet cannot be changed by HTTP request.

OK, one possible issue: User could provide some value before is is created in session and it could have been mistakingly considered a session value...

Mirek

Report message to a moderator

Send a private message to this user

[Message index]

		Skylark reaching "beta" status, first 6 chapters of tutorial available.. By: mirek on Fri, 06 July 2012 17:13
		Re: Skylark reaching "beta" status, first 6 chapters of tutorial available.. By: dolik.rce on Sun, 08 July 2012 15:50
		Re: Skylark reaching "beta" status, first 6 chapters of tutorial available.. By: mirek on Sun, 08 July 2012 20:59
		Re: Skylark reaching "beta" status, first 6 chapters of tutorial available.. By: lectus on Sun, 08 July 2012 17:48
		Re: Skylark reaching "beta" status, first 6 chapters of tutorial available.. By: mirek on Sun, 08 July 2012 21:01
		Re: Skylark reaching "beta" status, first 6 chapters of tutorial available.. By: zsolt on Mon, 09 July 2012 16:03
		Re: Skylark reaching "beta" status, first 6 chapters of tutorial available.. By: mirek on Mon, 09 July 2012 19:28
		Re: Skylark reaching "beta" status, first 6 chapters of tutorial available.. By: zsolt on Mon, 09 July 2012 19:43
		Re: Skylark reaching "beta" status, first 6 chapters of tutorial available.. By: mirek on Mon, 09 July 2012 20:42
		Re: Skylark reaching "beta" status, first 6 chapters of tutorial available.. By: zsolt on Mon, 09 July 2012 21:19
		Re: Skylark reaching "beta" status, first 6 chapters of tutorial available.. By: mirek on Mon, 09 July 2012 21:44
		Re: Skylark reaching "beta" status, first 6 chapters of tutorial available.. By: zsolt on Mon, 09 July 2012 22:42
		Re: Skylark reaching "beta" status, first 6 chapters of tutorial available.. By: forlano on Mon, 09 July 2012 23:08
		Re: Skylark reaching "beta" status, first 6 chapters of tutorial available.. By: mirek on Tue, 10 July 2012 22:08
		Re: Skylark reaching "beta" status, first 6 chapters of tutorial available.. By: lectus on Thu, 26 July 2012 22:38
		Re: Skylark reaching "beta" status, first 6 chapters of tutorial available.. By: Alboni on Wed, 10 July 2013 16:12
		Re: Skylark reaching "beta" status, first 6 chapters of tutorial available.. By: mirek on Thu, 11 July 2013 07:52

Previous Topic:	Is U++ compatible with VC++ Express 2012?
Next Topic:	Another problem with MT (damn it... :()

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

PDF

]

Current Time: Mon Apr 29 15:33:02 CEST 2024

Total time taken to generate the page: 0.03217 seconds