Thanks for all the great help...here's the results.

ibiubu · March 30, 2002

Lots and lots of GREAT help on the forum. Was able to get my database up and running on the web in just over a week...from scratch...thanks to all the great advice here.

[ March 30, 2002, 11:53 AM: Message edited by: Larry Ross ]

Anatoli · March 30, 2002

Looks nice.

Before you open the champagne look into your login.

Letter "g" works, "j" also -- I do not now, but is that what you are looking for?

Also anybody can display everything from your database with http://63.226.xxx.xxx/FMPro?-db=Products&-format=-raw&-findall

We have security filter for PC and if you are on Mac search security discussions -- someone recommend solution for this security hole.

Keith M. Davie · March 30, 2002

Larry, Anatoli is right about the security issue. He is also right about "guest" entry. I tried the letters a thru h (you can test the rest. Here's what I found:

generated by entering a single letter, a, d, e, f, h

"No records found. Possible reasons for this are:..."

generated by entering a single letter, b: Job List/Salt City Candle

generated by entering a single letter, c: Job List/Curecrete

generated by entering a single letter, g: Job List/Rubicon Medical

FYI, my monitor is set at 832 x 624. In NN your smallest font size looks to be about 8; way small for my old eyes.

HTH

ibiubu · March 30, 2002

Thanks for the tips. The password thing...not sure about that one yet...got me stumped. For example if the search criteria is to match EXACTLY the data in a field, then why does typing in b still find blake? Here is a section of the CDML for when a name is entered and the submit button is hit to perform the find...can anything here be changed to force an exact match, not just the first letter?

The security hole...thanks for letting me know it exists. I will have to look thru the discusions to see what solutions people have come up with.

LR

[ March 30, 2002, 12:46 PM: Message edited by: Larry Ross ]

Keith M. Davie · March 30, 2002

My standard response to the exact find:

Remember that you are trying to get your format file to talk with your db file.

USE THIS RESOURCE OFTEN.

http://www.filemaker.com/support/index.html

________________________________________________________

Search and read: Article Number: 104829, and Article Number: 105687

________________________________________________________

Understanding the use of the symbols of an exact search in a cdml solution will enable you to understand how to use in your cdml solutions all the symbols available in the FMPro db find operation (see db status bar).

See also these useful threads in the cdml forum for examples and other approaches/ideas:

ibiubu · March 30, 2002

OK, I did what the tech notes suggested...

Notice the code for value="=="

now of course this performs an exact find...but in my text field where the user types in the text to search by == is already in that field. A little confusing for the user. Can == exist but not show up as a visible text string in the box. Most users would not know to leave it there and would just type over it to perform their find.

LR

Anatoli · March 31, 2002

I cannot test that -- you removed the URL.

In any case, visible "==" can be edited

Use Hidden field with "==".

Better still you can use Name and password and calculate them into one field and compare that with their record.

Or set that field in Security Database as exact -- it has to be exact through solution but you will increase overall security.

ibiubu · March 31, 2002

Actually got it to work. Here was the CDML

Geez...a bit lengthy, but it did the job. Now only exact searches yeild results. Some of the CDML is also to allow hitting the return or enter keys instead of hitting the submit button.

For example, now if you type "g" it goes to the error page. You have to type the exact match of "guest:

PS. Web Security Database...what is the basic concept here. In my FileMaker Prefs it is greyed out.

LR

Anatoli · March 31, 2002

You have to start the WebSecurity databases and then you can set them in preferences.

The concept is powerful and great. The problem is, that other security holes are there.

I suggest to use that at full and pretend like the holes didn't exist. You will sort them out or FM will maybe do something about them.

In any case everyone should use WebSecurity at full potential.

Keith M. Davie · March 31, 2002

Larry's code

Larry, I never use the -op or -lop in either a Form or Link action. I would have made a very slight change so the code would read:

Sign In

Thanks for all the great help...here's the results.

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Important Information