Sorry Jake my post wasnt written very well. You are correct ofcourse the user
can use ?OPenAgent (but anonymous has to have permission to run the agent on
the server).
I guess my question is more general in that I am wondering what sort of
possible damage someone may do by defining a function in the address bar. If
one does not have server side validation on the form that would be one
example. Would it be possible for "them" to do send anything via this method
which could do damage to data on the server?
Sorry Jake my post wasnt written very well. You are correct ofcourse the user can use ?OPenAgent (but anonymous has to have permission to run the agent on the server).
I guess my question is more general in that I am wondering what sort of possible damage someone may do by defining a function in the address bar. If one does not have server side validation on the form that would be one example. Would it be possible for "them" to do send anything via this method which could do damage to data on the server?
Al