
Re: PERL, SQL, and Web Publishing Security

by rnahi (Curate)
on Nov 21, 2005 at 11:34 UTC

in reply to PERL, SQL, and Web Publishing Security

Is there a place on this site where I should post this appropriately?

I don't think so, and I give you the main reasons.*

I give you credit for recommending taint mode and placeholders, but here is a list of unforgivable sins in your examples and code.

  • Nowhere in your code are you using strict or warnings;
  • You call open and other functions without checking the return values;
  • You use $1 without checking if a regular expression succeeded;
  • You use variables $a and $b as examples, but you should know that they are global variables that you should not mess with, because they are used for sorting.

Moreover, although it isn't a mortal sin, Perl is not spelled 'PERL'.

Free piece of advice: before writing your next would-be masterpiece, have a look at our Tutorials, and try to conform to what we believe are the high standards of Perl.

P.S. Have you seen Ovid's CGI Course?

* These lines are not the official PM policy, but just what I personally think, although I am quite sure that many monks share the same feelings.
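
The four points in the list above, put together in one short script; this is an added example, not code from the thread or from the post it replies to. The file names, the sample requests and the helper names safe_name and read_file are constructed for illustration.

```perl
#!/usr/bin/perl
use strict;      # undeclared variables become compile-time errors
use warnings;    # flags uninitialised values, typos and similar slips
use File::Temp qw(tempdir);

# Accept only a plain "name.txt". $1 is read only in the branch where the match
# succeeded; after a failed match it keeps whatever the last successful match
# left there. The same checked capture is how a value is untainted under -T.
sub safe_name {
    my ($input) = @_;
    if ($input =~ /\A([A-Za-z0-9_-]+\.txt)\z/) {
        return $1;
    }
    return;    # undef in scalar context: the caller must reject the request
}

# Every open and close is checked, and the error text includes $!.
sub read_file {
    my ($path) = @_;
    open(my $fh, '<', $path) or die "Cannot open '$path': $!\n";
    my @lines = <$fh>;
    close($fh) or die "Cannot close '$path': $!\n";
    return @lines;
}

# Constructed sample data: one real file in a scratch directory.
my $dir = tempdir(CLEANUP => 1);
open(my $out, '>', "$dir/report-2005.txt") or die "Cannot create sample: $!\n";
print {$out} "line one\nline two\n" or die "Cannot write sample: $!\n";
close($out) or die "Cannot close sample: $!\n";

# Constructed requests standing in for a CGI parameter.
my @requests = ('report-2005.txt', '../../etc/passwd', 'missing.txt');

# $a and $b appear only inside the sort block, where Perl sets them itself;
# everything else is a named lexical declared with my.
for my $request (sort { $a cmp $b } @requests) {
    my $name = safe_name($request);
    if (!defined $name) {
        print "rejected: $request\n";
        next;
    }
    my @lines = eval { read_file("$dir/$name") };
    if ($@) {
        print "error: $@";
        next;
    }
    printf "%s: %d line(s)\n", $name, scalar @lines;
}
```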

Re^2: PERL, SQL, and Web Publishing Security
by tectonic (Initiate) on Nov 21, 2005 at 18:14 UTC
    I went through and fixed some of these concerns. Thanks very much for your feedback, I'm obviously learning from all of this as well.
