Beefy Boxes and Bandwidth Generously Provided by pair Networks Bob
The stupid question is the question not asked
 
PerlMonks  

Re: UberSecure v1.5.2

by vladb (Vicar)
on May 13, 2002 at 17:24 UTC ( #166232=note: print w/ replies, xml ) Need Help??


in reply to html/file security cgi [revisited]

Pardon me, but the code seems to be a work of a rookie 'hacker wannabe'.

This shows both from the code itself (to mention a few points, your methods -- which are nothing but a poor remake of CGI -- to process cookies are simply not adequate) and the language form used. Spelling 'through' as 'thru' is simply wrong and perceived as a poor gesture. Also, is there anything about your use of the word 'Uber'?

Don't take me wrong, but I can't even start to think of your code as being a serious attempt at anything other than 'l33t' hacker-dom.

For one, you should have at least refrained from reinventing the wheel and use these excellent modules already written eons ago and thoroughly tested by multitude current and past users:

  • HTML::Template
  • CGI
At least this would have given me the impression that you have some knowledge of decent Perl tools and therefore is not a rookie.

UPDATE: Oops, pardon my mentioning of 'work of a 13-year old ...'. as particle kindly pointed out, this wasn't entirely appropriate. (Besides, I too started out programming at a very young age; I'm also sure there are some brilliant young coders out there who I personally know and appreciate their efforts)

UPDATE 1: In reply to UberDragon13's responce.. Sorry, I didn't mean to offend you. Certainly, I'll be more than willing to help with whatever questions you might have. I think proper place for your code would rather be in the discussion forums. By posting your code here, I assumed you were willing to expose it to fair criticism. Also, again, the language you've used in your comments etc. wasn't particularly mature. However, this is a mute point anyways ;).
"There is no system but GNU, and Linux is one of its kernels." -- Confession of Faith


Comment on Re: UberSecure v1.5.2
UberSecure v1.5.2 comments
by UberDragon13 (Acolyte) on May 13, 2002 at 21:45 UTC
    Well, you certainly have pegged me.
    I am definately a rookie, but eager to learn. This is only my second perl/cgi program. I do not know all of the modules available or even how to use them.. But I am learning through trial and error and that is why I decided to post my lame code here.

    To get input, opinions and suggestions to better ways. If you can show me ways to improve this particular program to excellent perl code. I will learn from it and be able to apply this knowledge to my next attempt. Thanks

    (btw) Uber is a german word meaning super

    ~UberDragon13

      Hello, just a few suggestions to help you improve upon this code:

      • use CGI or die; - A few reasons why you should use the CGI.pm module instead of rolling your own.
      • Using strict.pm will save you a lot of time down the road.
      • As I pointed out earlier, make sure to read up on security. If you only remember one thing, make sure it's Don't Trust User Input.
      • Add the -w flag (or use warnings;) to enable warnings. They'll help you catch silly mistakes and reduce your debugging time.

      For added points, remove the "Do not edit without permission." statement. If you're posting code to get advice on how to improve it, the least you can do is allow others to use and modify it.

      Other minor annoyances:

      • The title - "UberSecure" this script isn't. Not by any stretch of the imagination. When you're learning and unsure of a script's quality, better to stick with a different title.
      • Version number - I'm curious where "Version 1.5.2" came from. This number shouldn't just be picked out of the air, it should be representative of the stability of the code. Read the Software Release Practice HOWTO for more details on good release practices.

      Hope this helps and best of luck with your future postings :).

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://166232]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others meditating upon the Monastery: (3)
As of 2014-04-21 00:26 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    April first is:







    Results (489 votes), past polls