I think, CGI::Validate would have been a better name since it describes what its supposed to be doing better and if it happens to untaint data in the process so be it.
You have a point there. If the module enforces validation of form data, it does a good thing. All too many scripts out there don't validate the data properly. Forcing people to think is good. :)
(Maybe have an untaint function that untaints all theinput but agian why have taint mode on at all if you're doing that?)
The idea seems to be to combine validating and untainting, and like you I question that idea. Most user data never need to be untainted, and I think it's good that you think twice before using such data in system operations.
OTOH, since only validated data get untainted, maybe it does not hurt too much.
Comments from others would be appreciated. Michael, what's your thinking behind using CGI::Untaint?
-- Gunnar Hjalmarsson Email: http://www.gunnar.cc/cgi-bin/contact.pl
-- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] <http://learn.perl.org/> <http://learn.perl.org/first-response>
