I have soooo been there. it's a lifesaver.
Steve
Nat Papovich wrote:
>
> But if you attributes scope that "dbupdated" variable, you might kiss
> yourself later. Imagine if, when demo-ing the yet unfinshed app to your
> client, for some inexplicable reason, dbupdated gets whacked or out of line
> somehow. It's expecting "Widget was added successfully", but it's getting
> "Widget added successfully". Now your app is broken until you access the
> source code and change the conditional to check for the different text
> string. But if, in the midst of this demo, you remember that dbupdated is
> attributes scoped, you can append
> "dbupdated=Widget%20was%20added%20successfully" to your url string, and it
> works! (provided that cfset was instead a cfparam, but you get the idea).
>
> Now before eveyone points out the obvious security loopholes here, I'll say
> it. IMPROPER CODING CREATES OBVIOUS SECURITY LOOPHOLES. This allows for
> greater flexibility, but more chance of things going "differently".
>
> Also, if you use attributes scope in your logic code, you can do cool stuff
> like post the search string to the url string so if a user wants to bookmark
> a search results page, they sure as heck can, because the your search
> results processing page will handle a search query via a form variable, url
> variable, or (heck) even attributes variable if you ever wanted to cfmodule
> your search circuit.
>
> 100%?
>
> -----Original Message-----
> From: Erik Voldengen [mailto:[EMAIL PROTECTED]]
> Sent: Monday, July 17, 2000 10:05 AM
> To: '[EMAIL PROTECTED]'
> Subject: RE: Need to toggle URL and FORM vars
>
> Nope. Now you are down to 97%.
>
> The VARIABLES scope is great for things like:
>
> <cfset dbupdated="Widget was added successfully">
>
> in an act file, and
>
> <cfoutput>#Variables.dbupdated#</cfoutput>
>
> in a dsp_ file that immediately follows that act_ file
> within the <CFCASE>.
>
> > -----Original Message-----
> > From: McCollough, Alan [mailto:[EMAIL PROTECTED]]
> > Sent: Monday, July 17, 2000 9:58 AM
> > To: '[EMAIL PROTECTED]'
> > Subject: RE: Need to toggle URL and FORM vars
> >
> >
> > Ah, the lightbulb is up to 98% on. So as a principle, do you
> > scope every
> > occurence of a variable with the attributes. prefix?
> >
> > Alan McCollough
> > Web Programmer
> > Alaska Native Medical Center
> ----------------------------------------------------------------------------
> --
> To Unsubscribe visit
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/fusebox or
> send a message to [EMAIL PROTECTED] with 'unsubscribe' in
> the body.
> ------------------------------------------------------------------------------
> To Unsubscribe visit
>http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/fusebox or send a
>message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
------------------------------------------------------------------------------
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/fusebox or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
