Beefy Boxes and Bandwidth Generously Provided by pair Networks
go ahead... be a heretic
 
PerlMonks  

Re: Help make upload from web secure

by robsv (Curate)
on May 10, 2001 at 20:29 UTC ( #79458=note: print w/ replies, xml ) Need Help??


in reply to Help make upload from web secure

Just a quick comment- when you're writing CGI programs, it's a really good idea to use the -T command-line switch to enable taint checking:

#!/usr/bin/perl -Tw
Searching for "taint" here on Perl Monks will yield some good information. In terms of a regex to do some checking for you, The Camel ("Programming Perl", third edition) offers many suggestions in Chapter 23 ("Security"). Here's an example from the book that checks that $string contains only "word" characters:
if ($string =~ /^([-\@\w.]+)$/) { $string = $1; } else { die "Bad data in $string"; }


- robsv


Comment on Re: Help make upload from web secure
Select or Download Code

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://79458]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others taking refuge in the Monastery: (6)
As of 2015-07-29 23:50 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (269 votes), past polls