I guess we need to test this some time. I neer use LiveCode's built-in SQL commands, but when I have some time I'll try putting SQL syntax into the variables.
I am currently doing the 'Business Academy' offered by RunRev, and the latest daily lesson is about performing SQL queries. During the ...
Search found 15 matches
- Sun May 27, 2012 2:41 am
- Forum: Databases
- Topic: How To Protect Against SQL Injection Attack?
- Replies: 17
- Views: 43582
- Mon May 21, 2012 7:18 am
- Forum: Getting Started with LiveCode - Complete Beginners
- Topic: Option Menu - Labels & Values
- Replies: 3
- Views: 4915
Option Menu - Labels & Values
Hi all!
Often when we show an option menu, the value that the user 'picks' from the menu is not actually the value we want stored. For instance, I have an option menu that shows the names of the countries of the world for the user to pick. However, I do not want to store the full name of the ...
Often when we show an option menu, the value that the user 'picks' from the menu is not actually the value we want stored. For instance, I have an option menu that shows the names of the countries of the world for the user to pick. However, I do not want to store the full name of the ...
- Mon May 14, 2012 10:44 am
- Forum: Databases
- Topic: How To Protect Against SQL Injection Attack?
- Replies: 17
- Views: 43582
Re: How To Protect Against SQL Injection Attack?
@bangkok, thank you for the suggestions:
I believe the best system is a multiple system :
-the desktop app would send only "parameters"
-a mixing of "hard coded" queries on the server (UPDATE mytable set XX=parameter1 WHERE BB=parameter2, therefore if the hacker sends a subquery nested in the ...
I believe the best system is a multiple system :
-the desktop app would send only "parameters"
-a mixing of "hard coded" queries on the server (UPDATE mytable set XX=parameter1 WHERE BB=parameter2, therefore if the hacker sends a subquery nested in the ...
- Mon May 14, 2012 10:23 am
- Forum: Version Control
- Topic: Version Control
- Replies: 25
- Views: 469414
Re: Version Control
Thank you very much for this hint - this is the kind of thing that is useful for us, newbies:
If you set the destroystack property of the stack to true it won't stay in memory when you close it. Then you won't have to remember to do anything special.
There's a preference that automatically ...
If you set the destroystack property of the stack to true it won't stay in memory when you close it. Then you won't have to remember to do anything special.
There's a preference that automatically ...
- Mon May 14, 2012 10:15 am
- Forum: Mac OS
- Topic: OS X Mountain Lion
- Replies: 14
- Views: 23077
Re: OS X Mountain Lion
I think I just found the answer to my own question re: sandboxing, here:
http://forums.runrev.com/viewtopic.php? ... 024#p51406
http://forums.runrev.com/viewtopic.php? ... 024#p51406
- Mon May 14, 2012 10:12 am
- Forum: Mac OS
- Topic: OS X Mountain Lion
- Replies: 14
- Views: 23077
Re: OS X Mountain Lion
Many thanks for the report.
One question I have is in regards to "Gatekeeper", and code-signing. Are LiveCode desktop apps able to be code-signed - ie., gatekeeper-ready?
One question I have is in regards to "Gatekeeper", and code-signing. Are LiveCode desktop apps able to be code-signed - ie., gatekeeper-ready?
- Mon May 14, 2012 10:09 am
- Forum: Databases
- Topic: LiveCode security
- Replies: 19
- Views: 25901
Re: LiveCode security
Hi, Edoardo,
Security is a very complex area, where there is never a 'one solution fits all' answer. You have to know what you are doing, otherwise you can easily expose and compromise your (or your client's) data. I've had a situation, for instance, where a client's disgruntled ex-employee ...
Security is a very complex area, where there is never a 'one solution fits all' answer. You have to know what you are doing, otherwise you can easily expose and compromise your (or your client's) data. I've had a situation, for instance, where a client's disgruntled ex-employee ...
- Wed May 09, 2012 4:08 am
- Forum: Software Engineering
- Topic: Need to Open Protected Hypercard Stack
- Replies: 6
- Views: 50091
Re: Need to Open Protected Hypercard Stack
"Unprotect XCMD" seems to be here (apologies, but apparently my account does not allow me to post URLs...):
http(colon, slash, slash)macgui.com(slash)downloads(slash)?file_id=19167
http(colon, slash, slash)macgui.com(slash)downloads(slash)?file_id=19167
- Wed May 09, 2012 3:49 am
- Forum: Version Control
- Topic: Version Control
- Replies: 25
- Views: 469414
Re: Version Control
I am currently 'playing' with a trial version of LiveCode 5.5. Like you, I am also used to version control systems, in particular Git.
It is quite possible to use version control to do 'project-wide' operations, like: branching, merging, and reverting to previous commits.
Although the '.livecode ...
It is quite possible to use version control to do 'project-wide' operations, like: branching, merging, and reverting to previous commits.
Although the '.livecode ...
- Wed May 09, 2012 2:06 am
- Forum: Databases
- Topic: How To Protect Against SQL Injection Attack?
- Replies: 17
- Views: 43582
Re: How To Protect Against SQL Injection Attack?
Mark, thank you very much for the - very quick - response:
The safest way is to hardcode your queries. Rather than sending complete queries from the desktop app to the server, only send a code and some data to the server. The code refers to a particular query and the data completes the query ...
The safest way is to hardcode your queries. Rather than sending complete queries from the desktop app to the server, only send a code and some data to the server. The code refers to a particular query and the data completes the query ...
- Wed May 09, 2012 1:23 am
- Forum: Databases
- Topic: How To Protect Against SQL Injection Attack?
- Replies: 17
- Views: 43582
Re: How To Protect Against SQL Injection Attack?
@Mark, thank you for the input:
If you're using commands like revExecuteSQL, it means that your web host allows for external access to the MySQL database server.
I am actually developing a desktop app that is going to access data stored in a MySQL database running in the On-Rev servers. So I'll ...
If you're using commands like revExecuteSQL, it means that your web host allows for external access to the MySQL database server.
I am actually developing a desktop app that is going to access data stored in a MySQL database running in the On-Rev servers. So I'll ...
- Tue May 08, 2012 6:55 am
- Forum: Databases
- Topic: How To Protect Against SQL Injection Attack?
- Replies: 17
- Views: 43582
How To Protect Against SQL Injection Attack?
Hi all,
I am writing an app that will process user data in and out of a database. The user data may be tainted or malicious. As far as I can tell, the LiveCode database commands like 'revQueryDatabase' and 'revExecuteSQL' do not automatically sanitise data that is passed to them via placeholder ...
I am writing an app that will process user data in and out of a database. The user data may be tainted or malicious. As far as I can tell, the LiveCode database commands like 'revQueryDatabase' and 'revExecuteSQL' do not automatically sanitise data that is passed to them via placeholder ...
- Tue May 08, 2012 1:54 am
- Forum: CGIs and the Server
- Topic: Can the HTTP Response Code Be Changed?
- Replies: 1
- Views: 4920
Re: Can the HTTP Response Code Be Changed?
Worked it out on my own - posting what I found here, for future reference by others, and in case someone else may have a different solution.
In order to set the HTTP response's status code, before sending any output to the client, set a 'status' header, like this:
put header "Status: 405 Method ...
In order to set the HTTP response's status code, before sending any output to the client, set a 'status' header, like this:
put header "Status: 405 Method ...
- Sun May 06, 2012 1:14 pm
- Forum: Getting Started with LiveCode - Experienced Developers
- Topic: RSA Public/Private Key Encryption
- Replies: 4
- Views: 15106
Re: RSA Public/Private Key Encryption
Apologies for the long post, but I hope that it will answer you question.
-----------------------------------------------------
ENCRYPTING DATA WITH AES
-----------------------------------------------------
There are many ways to encrypt data, using mathematical methods called 'ciphers'. As clever ...
-----------------------------------------------------
ENCRYPTING DATA WITH AES
-----------------------------------------------------
There are many ways to encrypt data, using mathematical methods called 'ciphers'. As clever ...
- Sun May 06, 2012 11:25 am
- Forum: CGIs and the Server
- Topic: Can the HTTP Response Code Be Changed?
- Replies: 1
- Views: 4920
Can the HTTP Response Code Be Changed?
Hi all,
I am trying to setup a RESTful server in On-Rev. If the client is trying to perform an operation at a certain URL, and that operation is not allowed - ie., the client is trying to 'POST' information to a URL that only accepts 'GET' requests - then my response should contain a "405" status ...
I am trying to setup a RESTful server in On-Rev. If the client is trying to perform an operation at a certain URL, and that operation is not allowed - ie., the client is trying to 'POST' information to a URL that only accepts 'GET' requests - then my response should contain a "405" status ...