Forum OpenACS Q&A: Response to Stealing Email Addresses -3x

Thanks for your Great Suggestions... Don, Yes, AOLserver is talking to PG locally. Jon, I think that it is an SQL attack and I will some code checks as suggested by Stan. Don, How does Ben's "Validate Integer" code work? Is is a proc? I was thinking of using:

if { $user_id > 0 && $user_id < 1000001 } {
  # do normal stuff
} else {
  # send to 404 not found page.
}

David, I have extensively modified and expanded /shared/community-member.tcl so I will check that closely.

-Bob