in reply to
Re: Re: Re: A serious security problem with CGI.pm 3.01?
in thread A serious security problem with CGI.pm 3.01?
I like CGI.pm, but my very successful six-figure per annum website brother refuses to use it. He says that CGI.pm hides from the programmer what is going on and gives the impression that running CGI is some arcane and mysterious art.
I asked my brother what about using param() to handle non-standard characters in HTML form input. He said he has a few regexes that do it and he doesn't need Lincoln Stein's code to check input for him.