
Re^3: SQL Injection Queries in Perl/CGI

by hardburn (Abbot)
on Dec 11, 2015 at 14:50 UTC (#1150038)


in reply to Re^2: SQL Injection Queries in Perl/CGI
in thread SQL Injection Queries in Perl/CGI

From what I can tell, there's nothing that needs to be fixed. If the app is meant to throw a 403 when an invalid username is sent, then it's doing the right thing as it is.

Is it supposed to do something else when it gets an invalid user?


"There is no shame in being self-taught, only in not trying to learn in the first place." -- Atrus, Myst: The Book of D'ni.

Re^4: SQL Injection Queries in Perl/CGI
by chacham (Prior) on Dec 11, 2015 at 15:13 UTC

    there's nothing that needs to be fixed

    Except that it's logging in as root and not another user.

      Ahh, yes, in the initial database handle setup. That should be something other than root.


      "There is no shame in being self-taught, only in not trying to learn in the first place." -- Atrus, Myst: The Book of D'ni.
