[Date Prev][Date Next][Thread Prev][Thread Next][Minivend by date
][Minivend by thread
]
Re: MiniVend 3.12 close to release
****** message to minivend-users from Birgitt Funk <birgitt@minivend.com> ******
On Sat, 13 Feb 1999 mikeh@minivend.com wrote:
> ****** message to minivend-users from mikeh@minivend.com ******
>
> Dear All,
>
> I went ahead and added a fairly good file upload to MiniVend, at least
> I think it is OK. I put an application in the pages/reconfig directory.
> The [value-extended ...] tag to access it all is documented as well;
> for convenience I appended that to this message.
>
> Because of that, I figured I should do a rework of the UserDB password
> situation and they are now encrypted by default in the demo. If enough
> people feel strongly about this I will add the Variable MV_NO_CRYPT 1
> as the default.
Would it be possible to let web-users exclusively populate a product.asc
file via the form upload feature ? Is there a problem if two web-users are
writing to the product.asc file at the same time ? If the item number of
the products the web-users enters, is verifyable for its correctness
before it is written to the product.asc file and several web-users are
entering the same item number, could one combine the input with generating
a new item number to become the main key and the original item number as
subclass key. For example:
web user a enters item number 45 --> generates item code 45-1
web user b enters item number 45 --> generates item code 45-2
Others would search for item number 45, but the search result will display
the whole list of 45-1, 45-2, ... etc.
Does anyone can see a big boubou or security issue a non programmer
like me doesn't think about ? Any comments ?
Birgitt Funk
-
To unsubscribe from the list, DO NOT REPLY to this message. Instead, send
email with 'UNSUBSCRIBE minivend-users' in the body to Majordomo@minivend.com.
Archive of past messages: http://www.minivend.com/minivend/minivend-list
