Hi!
I am using one script to secure the members area and offer several
search functions for am mysql database. another script offers the
possibility to update data in this database. Botth scripts require the
user to ennter name, lastname and password.
Now I want to enable the user to get strai
Heya,
On Mon, May 13, 2002 at 04:42:55PM -0700, Bruce Ferrell ([EMAIL PROTECTED]) said
something similar to:
> Just to throw jet fuel on the fire... cuz they come up on a google
> search for:
>
> cgi perl counter
>
> and nms doesn't! :)
And that is one of the problems some in the community h
Sorry,here are the details:
I'm using one CGI script to generate several search pages (search for
people etc) within a secured area.
I would like to put the navigation sub into one frame, the retrieved
data (sub search1,2...)in another frame.
But I do not want to use an extra script for this.
Just to throw jet fuel on the fire... cuz they come up on a google
search for:
cgi perl counter
and nms doesn't! :)
Seriously, I do use them (ok, did until now) because they're handy,
don't spew errors and I can understand the code. Now that I know they
have problems, probably not anymore...
On 5/13/02 2:43 PM, Kevin Meltzer <[EMAIL PROTECTED]> wrote:
> To sum up.. Matts code is bad. It has various security holes, is not
> maintained, and is in Perl 4. The 'vendetta' has come from years of him
> NOT removing his scripts from the internet (spreading cargo-cult
> programming), and not
If you mean can a CGI script output both the frameset
and all of its pages simultaneously, I don't see how.
What you can do is have each frame call a CGI script
for its content, and have another to generate the
frameset. Each script then outputs its own HTML as
normal.
If this doesn't address you
Ack.. I used to have a nice long, detailed reason why (I think I may
have sent it to someone on this list at some point who asked me the
same question).
To sum up.. Matts code is bad. It has various security holes, is not
maintained, and is in Perl 4. The 'vendetta' has come from years of him
NO
Michael Kelly wrote:
> Ok, I have a question now: What, exactly, started the vendetta that the
> entire Perl community seems to have against Matt's Script Archives? Is it
> the constant security concerns, or is there something else?
there is no vendetta that i know of.
the nms project at sourc
After a quick perusal it seems the replacement form's greatest contribution
seems to be to limit the number of recipients that may be emailed at any one
time. There seem to a number of other improvements and it looks like the
code is updated more to what is recommended here. I do understand the
ob
I must confess I'm not intimately familiar with the
script in question, so I don't completely understand
what the code snippet that drieux included does,
therefore how it is or is not sufficiently secure.
However, I have some more general comments in the way
of clarification.
It seems to me that
On 5/13/02 10:49 AM, fliptop <[EMAIL PROTECTED]> wrote:
> i think what you're missing is there's no point in trying to justify
> running any version of any of matt's code - use the drop in replacements
> at sourceforge or take the (quite unnecessary) risk. it's as simple as
> that.
Ok, I have a
Hello,
I have one updated a script to use the following '-f' flag as a way of
preventing SPAM relaying, and it is working fine,
open(MAIL,"|$mailprog -t -f" . $recipient);
How ever in the following script
&release_risk_html;
never gets returned!
# with
# open(MAIL,"|$mailprog -t");
# i
drieux wrote:
>
> or am I missing something here???
i think what you're missing is there's no point in trying to justify
running any version of any of matt's code - use the drop in replacements
at sourceforge or take the (quite unnecessary) risk. it's as simple as
that.
--
To unsubscrib
On Monday, May 13, 2002, at 09:21 , Camilo Gonzalez wrote:
[..]
> The problems seem to be that it uses the Referer environmental variable to
> exclude spammers and it gives the option of encoding data in the URL. I've
> been told both are considered security risks. My ISP does not think even
> t
On Mon, May 13, 2002 at 09:14:03AM -0700, drieux ([EMAIL PROTECTED]) said something
similar to:
> which version of the code is the 'problem' version?
>
> what is the current specific 'security' issue?
>
> there was a security update to v1.92 on 04/21/02
> has there been some new issue arise???
The problems seem to be that it uses the Referer environmental variable to
exclude spammers and it gives the option of encoding data in the URL. I've
been told both are considered security risks. My ISP does not think even the
latest release addresses these issues and refuses to let Formmail on it
On Monday, May 13, 2002, at 08:52 , Kevin Meltzer wrote:
>
> try the rewrite from NMS:
>
> http://nms-cgi.sourceforge.net/
>
> Cheers,
> Kevin
which version of the code is the 'problem' version?
what is the current specific 'security' issue?
there was a security update to v1.92 on 04/21/02
ha
Hi !
Right now I'm using a cgi-script to create a few html pages.
Somewhere I read the I also can create framesets plus the dependent
html pages via a CGI script.
Where can I find a manual on how to do that? Or can anybody tell me?
Thanks for your help.
Sven
--
To unsubscribe, e-mail: [EM
Thank you all for this link.
-Original Message-
From: Kevin Meltzer [mailto:[EMAIL PROTECTED]]
Sent: Monday, May 13, 2002 10:53 AM
To: Camilo Gonzalez
Cc: [EMAIL PROTECTED]
Subject: Re: Matt Wright's formMail
try the rewrite from NMS:
http://nms-cgi.sourceforge.net/
Cheers,
Kevin
On
try the rewrite from NMS:
http://nms-cgi.sourceforge.net/
Cheers,
Kevin
On Mon, May 13, 2002 at 10:07:54AM -0500, Camilo Gonzalez
([EMAIL PROTECTED]) said something similar to:
> I've just been informned by my ISP that Matt Wright's formMail will no
> longer be allowed on any of their servers
Camilo Gonzalez wrote:
> I've just been informned by my ISP that Matt Wright's formMail will no
> longer be allowed on any of their servers due to glaring security concerns.
> I know now I shouldn't have used it but back then I was stupid and not a
> subscriber to this fine list. Let this serve a
Hi,
Not Matt's Scripts
http://nms-cgi.sourceforge.net/scripts.shtml
-lisa
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
I've just been informned by my ISP that Matt Wright's formMail will no
longer be allowed on any of their servers due to glaring security concerns.
I know now I shouldn't have used it but back then I was stupid and not a
subscriber to this fine list. Let this serve as a warning to those still
using
23 matches
Mail list logo
