So maybe instead of 4900 functions, you may only need 20 of them. Third, for the MBS Plugin, you can use Plugin.SetFunctions function to limit the list of functions to the ones you need. Not to mention creating new scripts which they can trigger anything anywhere. Second point means if an user has the chance to modify a script, they could write anything there, including calls to sabotage, steal or delete data. But you pass values as parameters and not put them in the SQL directly, right? Same for text used in SQL statements, where user can enter SQL commands in text fields and they are executed. Or other cases you may need to remove brackets to remove function calls. But what if they enter a plugin call instead? Well, using GetAsNumber first may help to convert input to a number first and strip function calls. your user enters a number and you multiply it. You make sure you limit the plugin features to those you need.įor the first point, well you can let the user enter a calculation and use Evaluate to get the result.You do not allow databases on servers with user accounts who can edit scripts or layouts.You do not simply pass user entered text to evaluate or SQL function in FileMaker.All functions you may use yourself to do backups to remote locations in your scripts.įor all your solutions you must make sure that: They all may offer functions to delete files, to upload files via FTP or to encrypt files. Whether you use our MBS Plugin or a few of the others available. Fixed a bug with Wait = 0 for Text.Speak on Windows.ĭownload at /filemaker/files/Prerelease/ or ask for being added to the dropbox shared folder.įileMaker Server Security and plugins On a FileMaker Server plugins can do a lot.Added RegEx.Quote, RegEx.Replace and RegEx.ReplaceAll functions.Changed RegEx options so you can pass by number or by text.Implemented Folders.UserDocuments for Linux to point to FileMaker's document folder.Added Linux support for StoreRegistration, so it works on FM Cloud Server.Added Socket.GetMulticastInterface and Socket.SetMulticastInterface functions for UDP Sockets.Added Socket.AddMembership and Socket.DropMembership.Added SyntaxColoring.GetShowLayoutIDs and SyntaxColoring.SetShowLayoutIDs.Added option to show Layout IDs in manage layout dialog. ![]()
0 Comments
Leave a Reply. |