NetTalk Central

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - Bruce

Pages: 1 2 3 [4] 5 6 ... 717
Web Server - Ask For Help / Re: To control FileDownload
« on: January 18, 2023, 09:00:27 AM »
As I recall offhand, Serve document is a NetWebPage.
loc:alert is not a "thing" in that context as I recall.

personally I wouldn't bother to reply to the user, I'd just send back "nothing".

Since presumably the request is illegal anyway.


Web Server - Ask For Help / Re: To control FileDownload
« on: January 17, 2023, 09:59:39 PM »
Yeah, Osa's one is better because it deals directly with the file extension.

Richard, I'm not sure what your one does, because you're using CONTENTS which I don't think does what you think it does.
Plus (I think?) you are searching the whole name for .Doc, not limiting to the extension.

Osa - bear in mind that there are likely to be graphic files on your computer which are not for public consumption. So I think I'd add some sort of folder test in there as well to limit the folders it can serve from.
And also eliminate any file names that contain .\ or ..\ in them.


the result of the ajax request must be valid XML.

You can inspect the returning value in your browser console, in the network tab. If there's no option there to validate the xml, then copy the xml to a text file (say a.xml) and open that in the Clarion IDE. There's an XML menu, with a Validate option there (if the opened file has an XML extension.)

the most common issues are ;
a) embedded HTML which is not also XML
b) the ID of the browse is not correct in the incoming XML. This can be because of procedure nesting (and you will likely need to liaise with me at that point.)


fixed in 12.54

Web Server - Ask For Help / Re: (Nettalk) Webserver security?
« on: January 10, 2023, 07:58:41 PM »

>> Now network folks want to install a physical firewall (fortigate) and software called MalwareBytes to filter out "bad requests"

Anyone who has watched their (public) web server for more than a few minutes will see that it's constantly being bombarded with requests that are clearly malicious. None of them do anything (because they're targeted at specific vulnerabilities in specific server software) but they happen all the time. If someone wants to filter those out, there's no harm in that.

>> and limit the requests only to certain ip-addresses (which is max. 25 in this case, but some don't have guaranteed fixed addresses).

This is a feature that sounds good on paper, but may end up being useless later on. But there's no real harm in turning it on, and then later deciding to turn it off if necessary.

>> Personally I think they are introducing a lot of costs for the client (fortigate)

That's the client's issue, not yours. The client has contracted with these Network folks, and can either take their advice or ignore it. It's not your money, so you don't need to worry. If the client asks you about it respond honestly. ("The server is secure, but there are no guarantees in life".)

>> and quite a lot of hassle to keep the ip-addresses up to date

presumably the Network folks will maintain this list, and they'll either decide it's too much hassle, or they won't.

>> (I know that I'm the one getting the first support calls when an ip-number has changed and traffic blocks ...)

Sure, and you just politely redirect the call to the network folks. If the client can't connect it's their problem anyway.

In my opinion you should stick to "your lane". The network folks are in charge of the network. Let them do their job. You want them onside. If they want your opinion, or the client wants your opinion, then they will ask you. If they want to know more about the server then there are ways to do that. But fighting network folk just means they aren't inclined to help you, and if something (anything, anywhere) breaks, suddenly it's your job to fix it.

So my advice; don't fight this - just smile.


Web Server - Ask For Help / Re: Remove file name from File Upload
« on: January 10, 2023, 07:37:36 PM »
>> I can't even figure out where in the code this table is created, or how to add my own css to it.

The table is created inside jquery.nt-upload.js

It is an actual HTML Table, with the css class

so you can easily add your own custom CSS using this class as a selector, and then hide things or whatever.

The filename inside the table is populated around line 341 in the javascript, from


for build 7.42 I've added a

This returns the "company" field from the SecwinSettings Table.

Hi Sean,

I suggest you start a new thread, and if possible post an example.


I've been on leave Rob, I'll dig through the emails this week.

>> Problem is theres never any situation in which we need to change or to some calculation inside the loop of the view,

That doesn't sound like a problem. Clearly I'm not going to remove the embed points just because _you_ don't find them useful? So I'm not sure what you are asking me to do there :)

>> If its possible, it will be very useful to add the template the feature to save the view values in the session (when selected) to be used in the server side code.

If you need to set additional values aftr a Drop item is selected, then the correct place to embed the code is in validate::somefield  routine

The following code should be sufficient;

p_web.LoadRecord(tablename, primarykeyname)

for example;

p_web.LoadRecord(customer, cus:guidkey)

This has nothing to do with additional View fields. And you should not use Additional View fields for this purpose. I recommend you don't add to the Additional View Fields unless you want to use the field in an expression, or embed point, as discussed earlier.

this might become a template option in NT14, but I'm not adding things to NT12 at this point.

Web Server - Ask For Help / Re: web and secwin 7 and menus not hiding
« on: January 01, 2023, 10:22:46 PM »
>> If, due to security, a top level menu has no items, should it also hide?
>> It seems the bubbling of security does not go up to the menu level?

I believe this is true. Bubbling applies to menu item, not whole menus (at this time.)


Web Server - Ask For Help / Re: Larges Reports on NT
« on: January 01, 2023, 10:21:49 PM »
>> i missed tell you that i use the start button,

an important detail, but definitely a good idea.

>> but after report process start all other transaction said Slow Request: [760] and really is very slow, only when a appear pdf window generating the web server return to a normal.

That doesn't surprise me, and will depend largely on the hardware, and database you are using.

Naturally a big report will work hard on the database engine. It will also likely consume a bunch of CPU on the server, especially if you have code in the report itself. And being large it will have a fair amount of disk activity as it writes the WMF files. Then once the WMF files have been constructed, they need to be loaded, joined, and converted into a PDF. This will all take significant work.

If you have a machine with limited CPU power (perhaps a VM with only one core) then all the other code will run slowly. If you have a serialized, or slow, connection to the database then any other requests talking to the database will be slower. If the database is running on the same (underpowered?) server machine then naturally everything slows down.

Incidentally a "slow request" is only posted once the request has been completed. So it would seem your server is still serving - just slowly.

Hi Guys,

Firstly - if you want to understand what the template is doing, then it's always a good idea to look at the generated code in the embeditor. Familiarity with that code makes embedding easier, because you know what is happening where.

Adding fields to the VIEW means that while the view is looping through record, those fields are primed from the database. So in order to understand where they are useful it's good to see the generated code surrounding that view.

In the following walkthough, I changed a "lookup customer" string field to be a drop. (Books(71) example, UpdateInvoices procedure).

First the VIEW declaration;

INV:Customer_OptionView   View(Customer)
! Start of "Custom View Code"

! End of "Custom View Code"

As you can see the View declaration also includes an embed point for adding more information like more fields, JOINS and so on.

Then search for it's use;

Value::INV:Customer  Routine

      INV:Customer_OptionView{prop:filter} = p_web.AssignFilter(loc:Filter.GetValue())
      INV:Customer_OptionView{prop:order} = p_web.CleanFilter(INV:Customer_OptionView,'UPPER(Cus:Name)')
      ! Start of "Option Filter & Order"
      ! End of "Option Filter & Order"
        If ErrorCode() then Break.

You can see the view is opened here, and looped through, and so on. So in these embeds the field values are in scope.
Alberto, this is where you can add embed code for these values.


Web Server - Ask For Help / Re: Larges Reports on NT
« on: December 27, 2022, 09:34:58 PM »
You could do something as simple as
a) have a button on a page
b) call START to start a thread when that button is pressed.

Or better yet, for the code under the button just
a) call p_web.ReplyComplete()
b) call the report procedure.

Incidentally, there's a button type that does this for you, called a START button.


Hi David,

I'm not really sure what you are asking - but no, It's not like the whole view record (from a drop) is saved to a session value. The Unique ID is saved, from there you can lookup whatever you need.

If you have something specific in mind, or are unsure, then make an example showing the effect you are chasing and I can be more explicit on what you might do to achieve that effect.


Pages: 1 2 3 [4] 5 6 ... 717