New Response

You are replying to:

    • Jake Howlett
    • Posted on Tue 30 Sep 2008 06:29 AM

    Phew. I might put the $50 prize back in place now then ;o)

    Hopefully that will offer the incentive for people to test it a little more aggressively. I get the impression people haven't done so thus far because - although they want or need the solution - they don't necessarily understand the underlying problem in the detail needed to fully test the solution itself. If that makes sense.

    Changing the Form field only didn't work as I don't normally add the field called "Form" to the Form itself. Otherwise your hack might have worked. Although that would have been cheating as it's not what you're supposed to be testing. I admit the other forms in dext.nsf are still vulnerable. Once this form is fully tested and retro-fit it to *all* forms on this server (including codestore's).

    Thanks for helping Dragon! If you get chance could you share your methods with me (offline if you prefer).
