Hi all, I want to set it up so that users can search on lots of different fields. For example: category, group, color, sizeA user can choose, size 1-4 and category=Cat1 OR Cat2 OR Cat3, and a color of RED OR BLUE
I see no way to do this with the built in system of searching. I do see from the docs, that I can set a hidden field of a SQL query. Is that not insecure. I relize that SAFE prevents someone from doing a delete or update. But why could someone not do a "select * from userdb" or even worse "select username as sku,password as comment from ..." that would fill the search page with the passwords.
Does anyone see a way around this, is this a bug? John _______________________________________________ interchange-users mailing list suppressed http://www.icdevgroup.org/mailman/listinfo/interchange-users
Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.