Hi

I've written a file management script & associated HTML front-end that I
wish to make available to list owners of our service via the list management
interface.

The only remaining issue I have is making it secure. As it stands, when they
go to the list management interface they are presented with a button which
makes a cgi call, eg:

http://www.listservserver.ac.uk/cgi-bin/file.cgi?listname

The problem is that if they just change the listname on the query string, it
will take them to another list's file manager screen, which is obviously a
big breach of security!

Now, I could write my own ticket management program, but there are a number
of issues associated with that.

Therefore, is it possible to somehow use listserv's own ticket system, yet
retain the integrity of my script? I guess, it would be like creating a
custom function that operates under the listserv shell.

Any ideas?

Thanks

--
Spencer Warhurst
JISCmail Administrator