Hi WOW from my question about naming ARGS and VARS..
I want to thank William Conlon and everyone else for all the input. I have an app that is pure Witango with some JavaScript, so any issues about PHP etc just go right past me. However I looked closely at what William and everyone else mentioned. My TAFs use JavaScript buttons for navigation. I have designed/found these bits of JavaScript that allow me to navigate to a new window with a "FORM" and all "hidden items" and very limited SEARCH ARGS. The only item that shows in the URL is the file name i.e. "contact.taf?" everything else is passed as a hidden POSTARG. Then as you all suggested I can assign the POSTARG to a VAR and do validation checks. I have made a couple of assumptions that might or might not be correct? A hacker would have a hard time getting access to a 'hidden post arg' A hacker would have a hard time hacking into a report if the URL is limited to "xwww.root/contact.taf?" Am I missing something important? Thanks Again Janet ________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
