<HTML><BODY style="word-wrap: break-word; -khtml-nbsp-mode: space; -khtml-line-break: after-white-space; "><BR><DIV><DIV>On Oct 5, 2006, at 9:27 AM, Joachim Durchholz wrote:</DIV><BR class="Apple-interchange-newline"><BLOCKQUOTE type="cite"><P style="margin: 0.0px 0.0px 0.0px 0.0px"><FONT face="Comic Sans MS" size="3" style="font: 12.0px Comic Sans MS">Administrators then include just those feature files that they need from<SPAN class="Apple-converted-space"> </SPAN></FONT></P> <P style="margin: 0.0px 0.0px 0.0px 0.0px"><FONT face="Comic Sans MS" size="3" style="font: 12.0px Comic Sans MS">config.php, which in turn then include all the base machinery required<SPAN class="Apple-converted-space"> </SPAN></FONT></P> <P style="margin: 0.0px 0.0px 0.0px 0.0px"><FONT face="Comic Sans MS" size="3" style="font: 12.0px Comic Sans MS">specifically for them.</FONT></P> </BLOCKQUOTE></DIV><BR><DIV>On this note, what about FastData's security?</DIV><DIV><BR class="khtml-block-placeholder"></DIV><DIV>If you have FastData enabled on an open-edit wiki, general people can create forms that do all sorts of weird things. Suddenly your website is able to be used to mass-mail spam to people in complete violation of anti-spam laws. Or someone uses your site to send sms spam messages to cell phones. Or....</DIV><DIV><BR class="khtml-block-placeholder"></DIV><DIV>Is there some way to limit the recipe to a passworded group? Only allow the admin to authorize FastData to parse the forms? (similar to approve_sites -- approve_form)</DIV><DIV><BR class="khtml-block-placeholder"></DIV><DIV>If I programmed a shopping cart app in FastData, and I had a group as an open blog area, what's stopping someone from writing scripts in Blog/SandBax that alter data pages (at Data-MyShoppingCart/Item10839) for changes in price info by creating a custom form to over-write actual item information on a data page somewhere?</DIV><DIV><BR class="khtml-block-placeholder"></DIV><DIV>In other words, once people understand how FastData works, how much are we opening up said data & functionality to hackers?</DIV><DIV><BR class="khtml-block-placeholder"></DIV><DIV>Crisses</DIV></BODY></HTML>