Example. Today, I entered a new CD into the CD Index, entering the URL for
entry by hand (still haven't bothered to get X cut-and-paste working). It
turns out that I omitted one character in the discid (the SHA-1 hash). The
server took this entry anyway, even though it was shorter by one character
than is possible for a discid to be.
(Btw, if someone wants to go clean up the bogus entry for "Mirrorball,
feel free. :)
Minimal checking would just have the server verify that the right number
of characters are in the discid (32, I believe). If you feel ambitious,
make sure they're all legal characters. :)
Just a notion...
...dave
---- David E. Smith, P O Box 324, Cape Girardeau MO 63702-0324
http://www.technopagan.org/dave/ dave nospam at [technopagan.org|tao.ca]