|Problems? Is your data what you think it is?|
Re^3: Mad, bad and dangerous to knowby davorg (Chancellor)
|on Jul 31, 2006 at 15:29 UTC||Need Help??|
Do you really think that Matt's code is easy to read? I think it looks horrible. It's massively overcomplicated, it's full of outdated Perl 4 idioms and it doesn't make any use of modules which would reduce it in length by about a half.
But my biggest problem with it is the number of people who have written other bad code following Matt's example. I'd guess that at least half of the broken, hand-coded CGI parsers that I see are based on Matt's code.
Update: It's also worth noting that whilst the latest version of Matt's formmail is (as far as I can see) free from security holes, older versions that are famously insecure are still in use on hundreds of web servers.
I know that the nms versions of the program are more secure and better written. I hope that they are also easier to read.
"The first rule of Perl club is you do not talk about