On Wed, Nov 28, 2001 at 08:46:36AM -0800, Randal L. Schwartz ([EMAIL PROTECTED]) 
said something similar to:
> Never trust CGI params.
> Never trust CGI params.
> Never trust CGI params.

I'll add to that:

Never trust user input
Never trust database data
Never trust command line params
Never trust anyone over 30
Never trust file data
Never trust your environment
Never trust anything which you didn't explicitly set or launder

Cheers,
Kevin

-- 
[Writing CGI Applications with Perl - http://perlcgi-book.com]
My PID is Inigo Montoya. You kill -9 my parent process. Prepare to vi.
