Hi,
I’m not interested in the code, but I want to warn you about security issues. We have reported 14 security issues over half a year ago, and so far only one has been resolved. I cannot be sure that your code is vulnerable for the issues we found, but I urge you to test your software thoroughly. If you use globals then declare them as session and DON’T use get and/or post, search field is not protected against sql injection, Sc has some protection agains XSS, but some fields are still vulnerable etc. etc. At the university I work for (too) we have a security board which perform ethical hack tests. Scriptcase has not a good reputation unfortunately…
Don’t want to disturb you, but be sure what you do.
Due to the privacy nature of our applications I cannot send you the movies we made from our hacks. Sorry for that.

b.r. Albert Drent
aducom software

Thanks for that and fully understand what your saying. I will test further, I hope SC will listen soon. none of the apps use global atm i might well need to at some point, basicly what i have done is made it easy for a scriptcase user to build a online shop, every page for the shop can be created in SC from front page to checkout, payment gateways etc login ive used stand alone code outside of SC using MVC.

Kind regards

Paul