From: "Casey Duncan" <casey@zope.com>
My point is: how do you distinguish <dtml-var foo> meaning "Call foo passing everything from the namespace that maps to an arg" from <dtml-var foo> meaning "Call foo passing everything, but foo doesn't use anything" from <dtml-var foo> "Call foo and foo takes no arguments" from <dtml-var foo> "foo is not callable, so return the value of foo"?
My point is: why on earth would you do that? I don't see how preventing the calling of <dtml-var foo> but allowing <dtml-var "foo()"> would have any significant positive contribution (except possibly clarity).
Also, are we talking about only fixing the "action on GET" for the ZMI or for all Zope apps? If the answer is "Just the ZMI" then we are talking about doing something that has not been done before: Making the ZMI different from all other Zope apps. If the answer is "All Zope Apps" then I fear you have just broken every Zope app I have ever seen 8^).
Well, I don't think I have ever used a GET to call a destructive parameter in any application, but I can see that it is practical. What I have done though, is to call it manually to do things when I have messed up. :-)
If I were to implement this, a very simple approach seems attractive: Lock the ZODB on GET requests so that no transactions can be committed. However, I'm not sure I want to go there.
I'm sure I don't. :-) I just keep thinking "there has to be a better way". I haven't figured out what yet, though. :-) Normally you would pop up a confirmation before taking destructive actions, but I don't see how that is possible via a web interface. This is something I really hate with the web. Every advancement that had been done in making user interfaces consistent and usable was thrown out the window. And I blame Netscape. The bastards.
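The four readings of <dtml-var foo> listed above are indistinguishable from the template text alone; a resolver can only pick one by introspecting the object it finds. The following is an added illustration, not Zope's DocumentTemplate code: `render_var` and the constructed namespace are assumptions, and the four branch labels are just names for the four cases in the message.

```python
import inspect
from typing import Any, Mapping, Tuple

# Constructed stand-in for a DTML namespace (request variables plus locals).
# Nothing here is Zope's own DocumentTemplate implementation.

def render_var(namespace: Mapping[str, Any], name: str) -> Tuple[str, Any]:
    """Resolve `name` the way an implicitly-calling <dtml-var name> must.

    Returns (which_reading_applied, value). The template cannot say which
    reading is meant; the decision comes entirely from inspecting `obj`.
    """
    obj = namespace[name]
    if not callable(obj):
        # Reading 4: not callable, so the value itself is rendered.
        return ("value", obj)
    params = inspect.signature(obj).parameters
    if not params:
        # Reading 3: callable that takes no arguments at all.
        return ("call-no-args", obj())
    if any(p.kind is inspect.Parameter.VAR_KEYWORD for p in params.values()):
        # Reading 2: foo accepts everything; whether it uses any of it is
        # invisible to the caller, so the whole namespace is handed over.
        return ("call-everything", obj(**dict(namespace)))
    # Reading 1: pass only the namespace entries that map to a parameter.
    kwargs = {n: namespace[n] for n in params if n in namespace}
    missing = [n for n, p in params.items()
               if n not in kwargs and p.default is inspect.Parameter.empty]
    if missing:
        # A required argument the namespace cannot supply is a lookup error,
        # not something to guess at.
        raise KeyError(f"{name} requires {missing}, absent from the namespace")
    return ("call-from-namespace", obj(**kwargs))
```

Run with a namespace that contains one object of each kind (a plain string, a one-argument function, a zero-argument function, a `**kw` function) and the same three characters of template text yield four different call shapes, which is exactly why the "just forbid calling" proposal gains little besides clarity.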
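The "lock the ZODB on GET requests so that no transactions can be committed" idea can be sketched in a few lines. This is an added example, not Zope's publisher or ZODB code: `Store`, `publish` and the two `manage_*` handlers are constructed stand-ins. A GET or HEAD request whose handler touched persistent state is aborted and rejected loudly rather than silently discarded, so the apps the message worries about would fail visibly instead of misbehaving.

```python
from dataclasses import dataclass, field
from typing import Any, Callable, Dict

SAFE_METHODS = {"GET", "HEAD"}  # methods that must not have side effects
_DELETED = object()             # tombstone marking a pending deletion


class WriteOnSafeMethod(Exception):
    """A GET/HEAD handler attempted to change persistent state."""


@dataclass
class Store:
    """Toy stand-in for the ZODB: committed data plus uncommitted changes."""
    data: Dict[str, Any] = field(default_factory=dict)
    pending: Dict[str, Any] = field(default_factory=dict)

    def get(self, key: str) -> Any:
        value = self.pending.get(key, self.data.get(key))
        return None if value is _DELETED else value

    def set(self, key: str, value: Any) -> None:
        self.pending[key] = value

    def delete(self, key: str) -> None:
        self.pending[key] = _DELETED

    def commit(self) -> None:
        for key, value in self.pending.items():
            if value is _DELETED:
                self.data.pop(key, None)
            else:
                self.data[key] = value
        self.pending.clear()

    def abort(self) -> None:
        self.pending.clear()


def publish(store: Store, method: str, handler: Callable[..., Any], **params: Any) -> Any:
    """Run `handler` inside one transaction and commit only if the request
    method is allowed to have side effects. A safe-method request that
    left pending changes is aborted and rejected, so a link-following
    crawler (or a bookmarked URL) cannot commit a destructive action."""
    store.abort()  # start from a clean transaction
    try:
        result = handler(store, **params)
        if method.upper() in SAFE_METHODS and store.pending:
            raise WriteOnSafeMethod(
                f"{method} {handler.__name__} attempted to change {sorted(store.pending)}"
            )
        store.commit()
        return result
    except BaseException:
        store.abort()
        raise


# Constructed handlers standing in for ZMI-style management methods.
def manage_view(store: Store, id: str) -> Any:
    return store.get(id)


def manage_delete(store: Store, id: str) -> str:
    store.delete(id)
    return f"deleted {id}"
```

The check is placed at commit time rather than at dispatch time on purpose: it needs no list of "dangerous" handler names, and a read-only handler that happens to be reached via GET keeps working. The cost is the one the message already names: any application that relied on GET requests writing to the database stops doing so, which is why the exception message records exactly which keys the handler tried to change.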