New Response

« Return to the blog entry

You are replying to:

  1. Hey Jake,

    Got it to work but tell me how bad is this resolution and any possible remedies or checks....

    I made a blank database with just the upload form (in your case: Demos.Flex.Upload). The ACL on the db is Default: No Access, Anonymous: Depositor with our Admin group having Manager. The key is the Anonymous user.

    With this being set to Depositor it allows the doc(s) to be created and thus the uploads to happen. Like I mentioned before, after I upload the files I then submit my page which calls a WQS agent that goes and gets the attachments (key by UNID), puts them on the server and then deletes the docs.

    The page is reloaded and the new files are shown as links on the page.

    So, how bad am I going to get hacked now?


Your Comments