Re: CGI Tutorial

2006-10-09 Thread Steve Holden
Lawrence D'Oliveiro wrote:
> In message <[EMAIL PROTECTED]>, Steve
> Holden wrote:
>
>>Lawrence D'Oliveiro wrote:
>>
>>>In message <[EMAIL PROTECTED]>, Steve
>>>Holden wrote:
>>>
>>> Credit card numbers should be encrypted in the database, of course, but they rarely are (even by com

Re: CGI Tutorial

2006-10-09 Thread Paul Rubin
Lawrence D'Oliveiro <[EMAIL PROTECTED]> writes:
> > lower. Just last week a police employee in my class told us of an
> > exploit where a major credit card company's web site had been hacked
> > using a SQL injection vulnerability. This is usually done with the
> > intent of gaining access to credi

Re: CGI Tutorial

2006-10-09 Thread Lawrence D'Oliveiro
In message <[EMAIL PROTECTED]>, Steve Holden wrote:
> Lawrence D'Oliveiro wrote:
>> In message <[EMAIL PROTECTED]>, Steve
>> Holden wrote:
>>
>>>Credit card numbers should be encrypted in the database, of course, but
>>>they rarely are (even by companies whose reputations imply they ought to

Re: CGI Tutorial

2006-10-09 Thread Steve Holden
Lawrence D'Oliveiro wrote:
> In message <[EMAIL PROTECTED]>, Steve
> Holden wrote:
>
>>Credit card numbers should be encrypted in the database, of course, but
>>they rarely are (even by companies whose reputations imply they ought to
>>know better).
>
> How would encryption help? They'd sti

Re: CGI Tutorial

2006-10-08 Thread Lawrence D'Oliveiro
In message <[EMAIL PROTECTED]>, Clodoaldo Pinto Neto wrote:
> 2006/10/4, Tim Chase <[EMAIL PROTECTED]>:
>
>> The code is very dangerous...allowing any ol' schmoe to run
>> arbitrary code on your server. At the barest of minimums, I'd
>> plaster the code with warnings that this is a Very Dangerous

Re: CGI Tutorial

2006-10-08 Thread Lawrence D'Oliveiro
In message <[EMAIL PROTECTED]>, Steve Holden wrote:
> Credit card numbers should be encrypted in the database, of course, but
> they rarely are (even by companies whose reputations imply they ought to
> know better).
How would encryption help? They'd still have to be decrypted to be used.
-- htt

Re: CGI Tutorial

2006-10-06 Thread Clodoaldo Pinto Neto
[EMAIL PROTECTED] wrote:
> Clodoaldo Pinto Neto wrote:
>
> > print 'The submited name was "' + name + '"'
>
> Bzzt! Script injection security hole. See cgi.escape and use it (or a
> similar function) for *all* text -> HTML output.
>
> > open('files/' + fileitem.filename, 'w')
>
> BZZT. filesyst

Re: CGI Tutorial

2006-10-06 Thread Jim
Sells, Fred wrote:
> content is great, my comments are editorial.
>
> I prefer PDF with bookmarks rather than HTML.
>
> If you choose to go the PDF route, I've found OpenOffice 2.0 pretty good at
> generating PDF with bookmarks. Just don't get too complex or OO may hose
> you.
Since you replied

Re: CGI Tutorial

2006-10-06 Thread hanumizzle
On 10/5/06, Sells, Fred <[EMAIL PROTECTED]> wrote:
> content is great, my comments are editorial.
wrt what document?
> I prefer PDF with bookmarks rather than HTML.
> 1. easy to print the whole thing and read offline.
> 2. easy to find a section from bookmarks, rather than chasing links
> 3. easy

RE: CGI Tutorial

2006-10-06 Thread Sells, Fred
content is great, my comments are editorial.
I prefer PDF with bookmarks rather than HTML.
1. easy to print the whole thing and read offline.
2. easy to find a section from bookmarks, rather than chasing links
3. easy to save on my local "doc" folder so I can be sure it will always be there. (i.e

Re: CGI Tutorial

2006-10-05 Thread hanumizzle
On 5 Oct 2006 14:56:54 -0700, Jim <[EMAIL PROTECTED]> wrote:
> * You need a DEBUG variable:
> from defaults import DEBUG
> :
> if DEBUG:
>..
WADR, there is a more formal way to do this:
http://docs.python.org/ref/assert.html
Use -O to remove the assert statements, essentiall

Re: CGI Tutorial

2006-10-05 Thread Jim
Clodoaldo Pinto Neto wrote:
> I'm just building a Python CGI Tutorial and would appreciate any
> feedback from the many experts in this list.
I'm not an expert, but I have written a lot of these and I have a couple of $0.02's.
* All code you put in your writing needs to be correct. That is, on th

Re: CGI Tutorial

2006-10-05 Thread Daniel Nogradi
> I'm just building a Python CGI Tutorial and would appreciate any
> feedback from the many experts in this list.
>
> Regards, Clodoaldo Pinto Neto
Perhaps you want to post this to the mod_python list as well:
http://mailman.modpython.org/mailman/listinfo/mod_python
-- http://mail.python.org/ma

Re: CGI Tutorial

2006-10-05 Thread Steve Holden
[EMAIL PROTECTED] wrote:
> Clodoaldo Pinto Neto wrote:
>
>>print 'The submited name was "' + name + '"'
>
> Bzzt! Script injection security hole. See cgi.escape and use it (or a
> similar function) for *all* text -> HTML output.
>
>>open('files/' + fileitem.filename, 'w')
>
> BZ

Re: CGI Tutorial

2006-10-05 Thread and-google
Clodoaldo Pinto Neto wrote:
> print 'The submited name was "' + name + '"'
Bzzt! Script injection security hole. See cgi.escape and use it (or a similar function) for *all* text -> HTML output.
> open('files/' + fileitem.filename, 'w')
BZZT. filesystem overwriting security hole, possibly es

Re: CGI Tutorial

2006-10-04 Thread Gerold Penz
Clodoaldo Pinto Neto wrote:
>
> http://webpython.codepoint.net
>
Great tutorial -- Thanks a lot!!! :D
--
Gerold Penz - bcom - Programmierung
[EMAIL PROTECTED] | http://gerold.bcom.at | http://sw3.at
Ehrliche, herz

Re: CGI Tutorial

2006-10-04 Thread [EMAIL PROTECTED]
Several times you improperly spell "syntax" "sintax". Other than that it appears to be an excellent tutorial.
Clodoaldo Pinto Neto wrote:
> I'm just building a Python CGI Tutorial and would appreciate any
> feedback from the many experts in this list.
>
> Regards, Clodoaldo Pinto Neto
-- http:/

Re: CGI Tutorial

2006-10-04 Thread Clodoaldo Pinto Neto
2006/10/4, Tim Chase <[EMAIL PROTECTED]>:
> >> I'm just building a Python CGI Tutorial and would appreciate any
> >> feedback from the many experts in this list.
> >
> > http://webpython.codepoint.net
>
> Thanks! :)
>
> My first note would be regarding
>
> http://webpython.codepoint.net/shell_com

Re: CGI Tutorial

2006-10-04 Thread Tim Chase
>> I'm just building a Python CGI Tutorial and would appreciate any
>> feedback from the many experts in this list.
>
> http://webpython.codepoint.net
Thanks! :)
My first note would be regarding
http://webpython.codepoint.net/shell_commands
The code is very dangerous...allowing any ol' schmoe

Re: CGI Tutorial

2006-10-04 Thread Clodoaldo Pinto Neto
Clodoaldo Pinto Neto wrote:
> I'm just building a Python CGI Tutorial and would appreciate any
> feedback from the many experts in this list.
http://webpython.codepoint.net
-- http://mail.python.org/mailman/listinfo/python-list


Re: CGI Tutorial

2006-10-04 Thread Tim Chase
> I'm just building a Python CGI Tutorial and would appreciate
> any feedback from the many experts in this list.
First item of feedback...post something on which to give feedback, such as a link to the work in progress. :)
-tkc
-- http://mail.python.org/mailman/listinfo/python-list