[Xerte-dev] Re: Weird

Pat @ Pgogy xerte at pgogywebstuff.com
Fri Jan 25 20:58:07 GMT 2013


I had one the other day on Facebook when it told me my email was invalid - six googles later it turns out Facebook doesn't recognise info@ as a valid email inbox. Facebook could have told me but sometimes error messages suck.

If its a crap error message that can be solved quickly using the language files.

The name, folder names and notes are the areas where a lot of text is entered - all other input is numbers really.

Validation.js and the new folder, new template and notes template are where I would start

Pgogy Webstuff - http://www.pgogywebstuff.com
Makers of web things of a fair to middling quality

On 25 Jan 2013, at 20:12, "Smith, John" <J.J.Smith at gcu.ac.uk> wrote:

> Its definitely not a criticism but if we can catch things like and update and improve them then we might as well do it, right? Cuts down support issues to - if Julian is getting frustrated with it i'm sure others will eventually too!!
> 
> Happy to help with the php stuff too if you decide to overhaul in prep for 2.0
> 
> Regards
> 
> John Smith
> Learning Technologist
> School of Health and Life Sciences
> 
> Sent from Samsung Galaxy SII
> 
> 
> 
> "Pat @ Pgogy" <xerte at pgogywebstuff.com> wrote:
> 
> 
> In theory you can't use drop as the MySQL user account is supposed to be select, insert, update and delete only.
> 
> That file is 4 years old
> 
> I wrote it to stop things in a blunt way, finesse is welcomed
> 
> Pgogy Webstuff - http://www.pgogywebstuff.com
> Makers of web things of a fair to middling quality
> 
> On 25 Jan 2013, at 19:20, "Smith, John" <J.J.Smith at gcu.ac.uk> wrote:
> 
>> Is that best practice or even desirable? Surely if we cleanse the data, are checking for undesirable characters and escape quotes etc then 'reserved' names would be usable as is other systems?
>> 
>> You cant inject a drop table command without taking advantage of poor input cleansing...
>> 
>> Regards
>> 
>> John Smith
>> Learning Technologist
>> School of Health and Life Sciences
>> 
>> Sent from Samsung Galaxy SII
>> 
>> 
>> 
>> Dave Burnett <d_b_burnett at hotmail.com> wrote:
>> 
>> 
>> 
>> 
>> To avoid SQL injection like DROP TABLE some db's say "No Thanks"
>> 
>> ??
>> 
>> 
>> ________________________________
>> From: Julian.Tenney at nottingham.ac.uk
>> To: xerte-dev at lists.nottingham.ac.uk
>> Date: Fri, 25 Jan 2013 15:32:21 +0000
>> Subject: [Xerte-dev] Weird
>> 
>> 
>> Why can’t I create a project called ‘drop’?
>> 
>> 
>> 
>> I can create projects called:
>> 
>> d
>> 
>> r
>> 
>> o
>> 
>> p
>> 
>> dr
>> 
>> ro
>> 
>> op
>> 
>> dro
>> 
>> rop
>> 
>> 
>> 
>> but not ‘drop’.
>> 
>> “Sorry that is not a valid name. Please use only letters and numbers”
>> 
>> 
>> 
>> WTF?
>> 
>> 
>> 
>> 
>> 
>> 
>> _______________________________________________ Xerte-dev mailing list Xerte-dev at lists.nottingham.ac.uk http://lists.nottingham.ac.uk/mailman/listinfo/xerte-dev
>> 
>> 
>> 
>> 
>> Glasgow Caledonian University is a registered Scottish charity, number SC021474
>> 
>> Winner: Times Higher Education’s Widening Participation Initiative of the Year 2009 and Herald Society’s Education Initiative of the Year 2009.
>> http://www.gcu.ac.uk/newsevents/news/bycategory/theuniversity/1/name,6219,en.html
>> 
>> Winner: Times Higher Education’s Outstanding Support for Early Career Researchers of the Year 2010, GCU as a lead with Universities Scotland partners.
>> http://www.gcu.ac.uk/newsevents/news/bycategory/theuniversity/1/name,15691,en.html
>> 
>> _______________________________________________
>> Xerte-dev mailing list
>> Xerte-dev at lists.nottingham.ac.uk
>> http://lists.nottingham.ac.uk/mailman/listinfo/xerte-dev
>> This message and any attachment are intended solely for the addressee and may contain confidential information. If you have received this message in error, please send it back to me, and immediately delete it.   Please do not use, copy or disclose the information contained in this message or in any attachment.  Any views or opinions expressed by the author of this email do not necessarily reflect the views of the University of Nottingham.
>> 
>> This message has been checked for viruses but the contents of an attachment
>> may still contain software viruses which could damage your computer system:
>> you are advised to perform your own checks. Email communications with the
>> University of Nottingham may be monitored as permitted by UK legislation.
> 
> _______________________________________________
> Xerte-dev mailing list
> Xerte-dev at lists.nottingham.ac.uk
> http://lists.nottingham.ac.uk/mailman/listinfo/xerte-dev
> 
> Glasgow Caledonian University is a registered Scottish charity, number SC021474
> 
> Winner: Times Higher Education’s Widening Participation Initiative of the Year 2009 and Herald Society’s Education Initiative of the Year 2009.
> http://www.gcu.ac.uk/newsevents/news/bycategory/theuniversity/1/name,6219,en.html
> 
> Winner: Times Higher Education’s Outstanding Support for Early Career Researchers of the Year 2010, GCU as a lead with Universities Scotland partners.
> http://www.gcu.ac.uk/newsevents/news/bycategory/theuniversity/1/name,15691,en.html
> _______________________________________________
> Xerte-dev mailing list
> Xerte-dev at lists.nottingham.ac.uk
> http://lists.nottingham.ac.uk/mailman/listinfo/xerte-dev



More information about the Xerte-dev mailing list