This is a follow-up that I have been meaning to post for a month or so.

The situation was a misbehaving form on a system I am maintaining. Further investigation of the code for the form revealed other problems, such as improper use of eval. The problem boiled down to -- rewrite or do spot fixes.
Wiggins gave some great advice, and I ended up rewriting at least 50% of the code for the form.


This was a particularly devilish problem because it turns out there were several things wrong.
1. The form was not properly limiting the length of the data it accepted in some fields.
2. Some fields in the database were not of the proper type/length to accept reasonable data (!?)
3. The Perl code did very little to validate user inputs and correct problems with the data (!?)
4. The user interface looked like crud (not as big a deal, but important) and did not provide a verbose confirmation to users.


I would have worked through this faster if I had not assumed that since the form had worked 'well enough' for a couple years it must only have a minor problem or two. The fix involved use of the quotemeta function (very handy!), fixing the SQL field definitions, and several regex transformations to get rid of some common user errors (such as pasting in text that contained tabs)... and a fair amount of time to improve the interface. Now it's very stable, and visibly better. I didn't go the route of binding variables (as Wiggins suggested), but might later. Another validation layer to consider is JavaScript to check data before submit.

I guess my advice then is to not avoid reevaluating an entire system just because it's currently 'good enough' and you hope it's a quick fix. And thanks again.

-Chris
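
Added example, not code from the original post or its form: one way to combine the server-side checks listed above (length limits that match the column widths, cleanup of pasted tabs) with the bound variables Wiggins suggested. The `feedback` table, the field names, the limits in `%MAX_LEN` and the `clean_field` helper are hypothetical, and the script assumes DBI with DBD::SQLite is installed so that it can run against an in-memory database.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;

# Hypothetical field limits; each must match the column width in the table.
my %MAX_LEN = (name => 40, comment => 200);

# Normalise one submitted value and enforce its length limit.
# Returns the cleaned string, or undef if the value must be rejected.
sub clean_field {
    my ($field, $value) = @_;
    return unless defined $value && exists $MAX_LEN{$field};
    $value =~ s/[\t\r\n]+/ /g;     # pasted tabs and line breaks become one space
    $value =~ s/[[:cntrl:]]//g;    # drop any remaining control characters
    $value =~ s/^\s+|\s+$//g;      # trim both ends
    return if $value eq '' || length($value) > $MAX_LEN{$field};
    return $value;
}

# Constructed demo: an in-memory SQLite database stands in for the real one.
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
                       { RaiseError => 1, PrintError => 0 });
$dbh->do('CREATE TABLE feedback (name VARCHAR(40) NOT NULL, comment VARCHAR(200) NOT NULL)');

# Placeholders keep the data out of the SQL text; the driver passes the
# values separately, so quotes and other metacharacters need no escaping.
my $sth = $dbh->prepare('INSERT INTO feedback (name, comment) VALUES (?, ?)');

# Constructed sample submissions.
my @submissions = (
    { name => "O'Brien", comment => "pasted\ttext\twith tabs" },
    { name => 'x' x 60,  comment => 'name too long' },
    { name => 'Robert',  comment => "it's 100% fine; really (honest)" },
);

for my $form (@submissions) {
    my $name    = clean_field(name    => $form->{name});
    my $comment = clean_field(comment => $form->{comment});
    unless (defined $name && defined $comment) {
        print "rejected: invalid or over-length field\n";
        next;
    }
    $sth->execute($name, $comment);
    print "stored: $name | $comment\n";
}

my ($rows) = $dbh->selectrow_array('SELECT COUNT(*) FROM feedback');
print "rows in table: $rows\n";
```

The server-side length check stays necessary even if the HTML form sets a maximum length or JavaScript checks the data before submit, because a client can send a request that skips both.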

