Security questions about custom actions

@Darren_Murphy, I feel like the “done” button via custom action is still insecure. Some validations can still be cracked by my students. I’m at a loss for how they do it. Looks like I have to learn from him. My students don’t want to confess even though they have been investigated.
Maybe you can explain the downside.

So what’s happening, your users are bypassing your validation checks?
Can you explain how your validations are configured?


Maybe you are right, something is wrong here …
Though I have done the simulation many times, I didn’t reproduce the error. Help to check please.

Well, I haven’t suggested anything yet. So I’m neither right or wrong :wink:
I’m just trying to understand what isn’t working for you.

It’s very difficult for me to understand much from your screen shots. The only thing I will say is that in your first if-then-else column, the last 5 conditions all return true if the condition is met. What this means is that as soon as any of them pass, then the column will return true. This may or may not be the desired behaviour - I really have no idea. Usually (but not always) with this sort of check you would have a series of conditions that would return null/empty, followed by an else that returns true. The idea being that you eliminate all the failing conditions one by one, and anything that gets to the else condition will have passed validation.

Okay, for image 1, I’ll take a closer look.
A simpler one is image 2, where I want validation between 250-400 words to work when the field is filled and when the field is requested. Is there a problem with the logic or my way of ordering above?

That part looks okay, but I’m not sure about the first two conditions. If either of those is true, then the rest will be short circuited and the word count won’t be considered. Again, I can’t really tell if that’s what’s intended.

Yes, that’s what you want to achieve. I myself still can’t produce how they can get past it when the above two conditions are in a false position. The case now is that there are two users who have passed this validation. Or is this not the case?

Do you have a link to a copy of the app that we can test, or maybe copy? I would be curious to see if I could figure out how to get past the validations.

Thanks, Jeff if you will. Would it be better if I gave you a support link? Or what is better?
Because now we are asking students to submit assignments and assessments.
I also feel that there are parts that are wrong, especially in image 1. But it’s hard to express.

I can’t do anything with a support link. Those are only for Glide support to use. I was thinking you could duplicate your app, clear out the data, and share the link to that duplicate.

Okay, give me 1-2 days to prepare it. Really appreciate your willingness

1 Like