Right. Thanks Bev! I wasn’t considering MVP/MVC. Indeed a good way to deal
w/ this kind of stuff :)
Thanks,
-Joel
On Mar 29, 2018, at 1:05 PM, beverlyvoth <beverlyvoth@xxxxxxxxx> wrote:
No, I use MVP, such that every request goes to the main Controller and tests
what to do with it. There are no direct-link pages. Should someone try, it
redirects back to the main controller, because there is information missing
on the 'direct page/include' that can only be gained from the controller.
Far too complex to describe fully. But really quite simplistic.
If the main controller is looking for GET/URL data then then a Modal to
handle it is called. If it's getting POST/FORM data, another Modal will
handle it.
HTH
Beverly
On Mar 29, 2018, at 3:50 PM, Joel Shapiro <info@xxxxxxxxx> wrote:
Interesting… but what about a URL getting loaded directly, as happened in
that penetration testing? Can you prevent that? Does each of your pages
first send the user to a “cleaning” page and then come back?
_____________________________________________________________________
FX.php Official Web Site -- http://fx.iviking.org/
FX.php Official Mailing List -- //www.freelists.org/list/fx.php_list
(Subscribe, unsubscribe, and more at the mailing list site!)
FX.php_List@xxxxxxxxxxxxxxxx