> just because you don't need to parse any binaries doesn't mean your users > won't try to submit one. > > don't forget anyone can create any kind of form that posts to your cgi. > so there's nothing stopping me from creating a form like this: > > <form method="post" action="http://coolhandlukesite/cgi-bin/script.cgi"; > enctype="multipart/form-data"> > <input type="file" name="hugefile"> > <input type="submit"> > </form>
Good point, I hadn't thought of that. My only question is now, what will happen? Is there a security risk I should worry about? Is this really dangerous? Thanks 4 the help. Luke -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
