Capture the Trig Function from an Option Menu Button
Richard Gaskin
ambassador at fourthworld.com
Sun Dec 9 16:03:02 EST 2012
Jim Hurley wrote:
> But there is certainly a nice generic quality to Do.
> "Never mind what, just Do it."
And in that lies one more reason to use "do" only with great care:
In areas where it may be affected by user inputs it can become an
injection vulnerability.
The rest of the language is reasonably secure, but "do", "value", and
the other dynamically-interpreted commands can be quite risky when mixed
with incoming data, which is often when they're most valuable, so it may
help to be mindful of this and include sanitizing error checks on any
strings sent to such commands.
Related:
<http://xkcd.com/327/>
--
Richard Gaskin
Fourth World Systems
Software Design and Development for Desktop, Mobile, and Web
____________________________________________________________
Ambassador at FourthWorld.com http://www.FourthWorld.com
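
The check described in the message above, as an added example that is not part of the original post: an option menu button's script that dispatches on a fixed set of function names and validates the operand instead of passing text to "do" or "value". The field names "Angle" and "Result" are assumptions made for illustration.

```livecode
-- Added example, not code from the original thread.
-- Script of an option menu button whose choices are sin, cos, tan.
-- Fields "Angle" and "Result" are assumed names.

-- Risky pattern this replaces: field text is interpreted as script.
--    put value(the label of me & "(" & field "Angle" & ")") into field "Result"
-- Whatever is typed into field "Angle" becomes part of the evaluated expression.

on menuPick pFunction
   local tAngle, tAnswer
   -- Validate the operand: trim whitespace, accept a plain number only.
   put word 1 to -1 of field "Angle" into tAngle
   if tAngle is not a number then
      put "Angle must be a number" into field "Result"
      exit menuPick
   end if
   -- Dispatch on a fixed set of names instead of building script text.
   switch pFunction
      case "sin"
         put sin(tAngle) into tAnswer
         break
      case "cos"
         put cos(tAngle) into tAnswer
         break
      case "tan"
         put tan(tAngle) into tAnswer
         break
      default
         -- Unknown choice: refuse rather than evaluate it.
         put "Unsupported function:" && pFunction into field "Result"
         exit menuPick
   end switch
   put tAnswer into field "Result"
end menuPick
```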