[thelist] [ASP] templating system woe's
Joshua Olson
joshua at waetech.com
Thu Aug 21 07:24:48 CDT 2003
----- Original Message -----
From: "Stephen Caudill" <SCaudill at municode.com>
Sent: Wednesday, August 20, 2003 6:12 PM
> I've painted myself into a corner. I have been working on a templating
system
> for classic ASP, and just discovered I made a serious oversight. The
system
> works fine with plain HTML. However, rather than processing the server
code,
> it merely prints that to screen as well. Here's the meat of it: There's
a
> function which extracts everything between the body tags and returns it as
a
> string... which I'm then response.writing in the appropriate place within
the
> template.
> Dumb, dumb, dumb.
No, not really. Just follow your idea through.
> I've been kicking myself over it all afternoon. The only
> thing that has occurred to me is to write the contents of the <body> to a
temp
> file and server.execute that into place in the template, but that seems
very
> inelegant and likely to add too much overhead to the processing (there's
already
> a ton of FSO and RegExp...)
Not too bad of a solution given the scenario. In regards to overhead, do
think about how much traffic the site is likely to generate before getting
too worried. One nice benefit to this method is that you could concievable
cache the pages to disk and only overwrite them if the database record is
updated. Comparing the datestamp of the record against the datestamp of the
file should give you this info.
The question you need to ask yourself is whether this method creates a
security risk for the content. If you can place executable script into the
database (and presumably someone has the opportunity to change the code)
then you open up potential points through which someone could damage the
site or the server or server farm (ugh).
> The code works, so I haven't included it, but if someone thinks it might
help,
> I'd be happy to provide it.
No need... go with your gut.
<><><><><><><><><><>
Joshua Olson
Web Application Engineer
WAE Tech Inc.
http://www.waetech.com
706.210.0168
More information about the thelist
mailing list