Passing Parameters

Phil Davis revdev at pdslabs.net
Mon Nov 7 14:36:52 EST 2011


Yes!
My example was mostly built on a 'lab experiment' model.

Phil


On 11/7/11 7:52 AM, Richard Gaskin wrote:
> Phil Davis wrote:
>
>> On Mac OS X, you can do it from the command line.
>>
>> 1) create a standalone app (named "Untitled1" in this example) that has this
>> stack script:
>>
>>     on startup
>>          dispatch $1 to me
>>          quit
>>     end startup
>
> As an example of how to use environment variables that's an excellent one, but 
> for production work it may pay to be a little paranoid, taking the view that 
> an API like a command line is a potential point of security exposure.
>
> Rather than execute anything that comes in on the command line, we could 
> instead parse it to ensure it meets a list of acceptable commands:
>
> on startup
>   switch word 1 of $1
>   case "ExampleCommand1"
>   case "ExampleCommand2"
>   case "ExampleCommand3"
>      dispatch $1 to me
>   default
>      put "Invalid command: "& word 1 of $1
>   end switch
>   quit
> end startup
>
> For the relatively low cost of double-checking the command in the string $1 we 
> can limit the range of things that the app can be used for.
>
> It's a little more work, but prevents using the full range of LiveCode to 
> manipulate the app in unintended ways.
>
> -- 
>  Richard Gaskin
>  Fourth World
>  LiveCode training and consulting: http://www.fourthworld.com
>  Webzine for LiveCode developers: http://www.LiveCodeJournal.com
>  LiveCode Journal blog: http://LiveCodejournal.com/blog.irv
>
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription 
> preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
>

-- 
Phil Davis

PDS Labs
Professional Software Development
http://pdslabs.net





More information about the use-livecode mailing list