Good point John. Didn't think of that. Most (90%) of what I code is internal and I don't always give a lot thought to how safe it might be if a wannabe hacker went at it.
Not even sure I would (or even need to ever) use this approach for an external site. If I did then it would be easy to cater for a set of allowed fields. I'd probably make the agent run as the web user too.
As ever though it's just a "how to". Use at your own risk and all that. etc
Good point John. Didn't think of that. Most (90%) of what I code is internal and I don't always give a lot thought to how safe it might be if a wannabe hacker went at it.
Not even sure I would (or even need to ever) use this approach for an external site. If I did then it would be easy to cater for a set of allowed fields. I'd probably make the agent run as the web user too.
As ever though it's just a "how to". Use at your own risk and all that. etc