Beefy Boxes and Bandwidth Generously Provided by pair Networks
Welcome to the Monastery
 
PerlMonks  

Re: Two-arg open() considered dangerous

by Anonymous Monk
on Dec 13, 2001 at 01:09 UTC ( #131405=note: print w/replies, xml ) Need Help??


in reply to Two-arg open() considered dangerous

Dake Desu... cannot remember my pass, seeing as how I have not made a mental mnemoric for it yet, and I cannot check my email for it at school (Never write your passwords down).

How 'bout 
$filevar ~= s/>/>/g;
open FILE, "<mode>$filevar" or die "Could not open file: $!";

If an end user decides to add those ">" to the variable, and be generally evil, it will blow up in their face...

Also adds some security for CGI, if your doing something like a forum ^_^.

Ps: I will never get use to HTML in forums ^_^

  • Comment on Re: Two-arg open() considered dangerous

Replies are listed 'Best First'.
Re: Re: Two-arg open() considered dangerous
by chip (Curate) on Dec 13, 2001 at 03:10 UTC
    Two major points off for your comment:
    1. Replacing ">" doesn't address "|" or leading spaces.
    2. Re-inventing HTML::Entities -- poorly -- is stupid.

        -- Chip Salzenberg, Free-Floating Agent of Chaos

      You left out the meta point-off for "don't write down your passwords; send them in clear text through email."

      Update: This appears to be my 100th post. w00t!

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://131405]
help
Chatterbox?
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others cooling their heels in the Monastery: (7)
As of 2017-11-19 16:24 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    In order to be able to say "I know Perl", you must have:













    Results (282 votes). Check out past polls.

    Notices?