Re: [Flashcoders] variable with # sign

Thu, 21 Feb 2008 09:51:57 -0800 

I hear you Glen.
I'm connecting to Topica, a fairly popular online email marketing application. And I'm probably making it sound like something it isn't out of my own ignorance. Essentially, I'm trying to recreate the sign-up from that Topica's system generates for its clients in HTML into Flash. The HTML form has input text fields like "NAME="f:1700253685" and I don't know how to re-create the form function in Flash to send the user input data entered into the corresponding field. I think I get tripped up by the ":" in the "NAME" but that could be way wrong. 


The workaround I came up with was to send the data to a hidden form  
in my HTML wrapper and then submit it through a Javascript function  
called from Flash. That way the form is essentially the same one the  
Topica system gave me and I'm using Flash to populate it. Nothing  
elegant about it, but I don't know enough and Topica doesn't provide  
any support for sending the user input data directly from Flash.



And I can only trust the sign-up form they give all their users has  
the safeguards you are describing below.


-A


On Feb 21, 2008, at 5:57 AM, Glen Pike wrote:


It sounds like your server side code is putting stuff straight into  
the database from your form.



If you are doing this, then please stop - THIS IS BAD... 1, you are  
maybe not checking your data from the form for dodgy stuff.
2, you are probably allowing the form to specify what fields in the  
database you are filling in.
3. why does your database not let you create your own tables with  
sensible field names?



It may be good from a lazy programming perspective, but this is a  
security nightmare.



You should always have your server side code check & validate your  
data, then decide where each bit of data goes.  The client should  
not specify where the data goes - otherwise your database ends up  
hacked.  This also applies to contact forms that specify the  
recipient in the form itself.  DON'T DO IT, IT'S BAD, LEARN ABOUT  
SECURITY (please) :)


HTH

Glen

[EMAIL PROTECTED] wrote:

Thanks for getting back to me.
I'm targeting Flash Player 8.

Essentially, I am creating an HTML form in Flash, but I'm running  
into trouble because the form refers to database field names with  
symbols I can't place in a variable name and I need to pass the  
variable name with the data.



The form in my FLA has input fields for First Name and Email  
address. Each input field has a Var associated with it.

The First Name field's Var is "f:1700253695"
The Email field's Var is "f:31"


Then in Actionscript I have variables for the "hidden" fields that  
would be used in an HTML version of the form (not sure if this is  
necessary) and a submit button function to send the variable names  
and their values to the sign-up form on the server.

var f#1700253695 = "TEXT:First%20Name";
var f#31 = "TEXT:Email%20Address";

submitBtn.onRelease = function(){
    getURL("http://www.topica.com/f/p.html";, "","GET");   }


The problem I'm having is that the database on the server requires  
either the colon or the # sign in the field name, but I can't  
figure out how to publish the SWF with them.
If there isn't a way, I think I will use the ExternalInterface API  
to send my field values to a form in my HTML wrapper and send the  
data from there. I'm not well versed in Javascript so I'm trying  
to avoid that if possible.


Any help would be greatly appreciated.

Thanks again.
-Alex


On Feb 21, 2008, at 12:50 AM, Martin Klasson wrote:


this[f#31] = "TEXT:Email%20Address";

This could work for you I guess, it wont give you a compiler error,

but I would revise the code since I wouldnt suggest this "ugly"  
solution.


If you could show more code on how you are sending the data,
as well as what Flash Player version you are targeting there would
easier to give you a more helpful hand if you want the solution to
be more legit than the solution above.

/ Martin


2008/2/21, [EMAIL PROTECTED] <[EMAIL PROTECTED]>:


Hi.

I need to pass a variable to a email sign-up form and it needs  
to be

named f#31

I have it written:

var f#31 = "TEXT:Email%20Address";

Flash gives me an error when I try to publish this and I assume its
because the variable name has the # sign. How do I get around this?
I've tried escape sequences to no avail.

Thanks!
-Alex
_______________________________________________
Flashcoders mailing list
Flashcoders@chattyfig.figleaf.com
http://chattyfig.figleaf.com/mailman/listinfo/flashcoders





--

Martin Klasson
Flash Developer
Parkgatan 9-11
S-411 24 Göteborg
Sweden
Office +46 (0) 31 711 54 50
Cell +46 (0) 730 964 561
[EMAIL PROTECTED]
www.kokokaka.com
_______________________________________________
Flashcoders mailing list
Flashcoders@chattyfig.figleaf.com
http://chattyfig.figleaf.com/mailman/listinfo/flashcoders


_______________________________________________
Flashcoders mailing list
Flashcoders@chattyfig.figleaf.com
http://chattyfig.figleaf.com/mailman/listinfo/flashcoders




--

Glen Pike
01736 759321
www.glenpike.co.uk <http://www.glenpike.co.uk>
_______________________________________________
Flashcoders mailing list
Flashcoders@chattyfig.figleaf.com
http://chattyfig.figleaf.com/mailman/listinfo/flashcoders



_______________________________________________
Flashcoders mailing list
Flashcoders@chattyfig.figleaf.com
http://chattyfig.figleaf.com/mailman/listinfo/flashcoders






















					Reply via email to