FileMaker 5 Internet Security Holes -- Blue World Communications has published a FileMaker 5 security alert outlining serious Internet security issues with FileMaker Pro 5 and FileMaker Pro 5 Unlimited's XML publishing and email capabilities. Two exploits enable an interloper to acquire the entire contents of any Web-published database via email or as XML regardless of Web security settings; another enables anyone on the Internet to use FileMaker 5's email capabilities to send arbitrary email messages (a problem sure to delight spammers worldwide). These revelations come a week after FileMaker Inc. published documentation of FileMaker Pro 5's Web publishing capabilities in FileMaker Developer 5, although portions of FileMaker's XML capabilities have been documented on FileMaker's Web site for five weeks. As of this writing, FileMaker has not acknowledged any problems, and the only workarounds currently appear to be disabling FileMaker 5's Web Companion, reverting to FileMaker Pro 4.x (which does not have these security issues, but cannot open FileMaker 5 databases), or using a middleware product like Blue World's Lasso as a gateway for incoming requests. [GD]
Copy Before Submitting Web Forms
Filling in Web forms (like the one used to submit this tip) can be a bit of a gamble - you put in your pearls of wisdom, perhaps only to lose them all if the Web page flakes out or the browser crashes. Instead of losing all your text, "save" it by pressing Command-A to select all and then Command-C to copy the selected text to the clipboard. Do this periodically as you type and before you click Submit, and you may "save" yourself from a lot of frustration. It takes just a second to do, and the first time you need to rely on it to paste back in lost text, you'll feel smart.
Other articles in the series FileMaker 5