David Gilden wrote:
Is the following all I need to untaint data?

#!/usr/bin/perl
use CGI qw/:standard/;
my $name = param('name');
$name =~ s/(\w+)/$1/;

That does not untaint anything.

What you need to do to learn about tainted mode is to read the applicable docs:

    perldoc perlsec

What can I do to limit string length to 40 characters?

Use a suitable function, or a regex, or something like that. What have you tried?


--
Gunnar Hjalmarsson
Email: http://www.gunnar.cc/cgi-bin/contact.pl
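
The following is an added example, not code from either poster. It shows why the substitution in the question leaves `$name` tainted, and how a whole-string match with a capture both untaints the value and enforces the 40-character limit. The helper name `untaint_name`, the allowed character set and the sample inputs are assumptions made for illustration.

```perl
#!/usr/bin/perl -T
# Added example. Run as `perl -T untaint.pl`; taint mode must be on.
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Constructed tainted input standing in for param('name'): under -T, $^X
# is tainted, so appending a zero-length slice of it taints any string.
my $TAINT = substr($^X, 0, 0);

# Hypothetical helper: returns an untainted copy of the name, or undef
# unless the whole value is 1 to 40 characters from [A-Za-z0-9_].
sub untaint_name {
    my ($raw) = @_;
    return undef unless defined $raw;
    # \A and \z anchor the entire string (\z also rejects a trailing
    # newline, which $ would allow). Only the capture $1 is untainted.
    return $raw =~ /\A([A-Za-z0-9_]{1,40})\z/ ? $1 : undef;
}

# The substitution from the question: the target was tainted, so it
# stays tainted after s///.
my $name = 'david' . $TAINT;
$name =~ s/(\w+)/$1/;
printf "%-26s tainted=%d\n", 's/(\w+)/$1/ on $name:', tainted($name) ? 1 : 0;

# Validate-and-capture on constructed sample inputs.
my @samples = (
    [ 'plain name'       => 'david'      ],
    [ 'trailing newline' => "david\n"    ],
    [ 'space and "!"'    => 'bob smith!' ],
    [ '41 characters'    => 'a' x 41     ],
    [ '40 characters'    => 'a' x 40     ],
);
for my $s (@samples) {
    my ($label, $value) = @$s;
    my $clean = untaint_name($value . $TAINT);
    if (defined $clean) {
        printf "%-26s accepted, tainted=%d\n", "$label:", tainted($clean) ? 1 : 0;
    } else {
        printf "%-26s rejected\n", "$label:";
    }
}
```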
