to the error log would hang the process?
use CGI::Carp qw(fatalsToBrowser warningsToBrowser);
--
ZSDC Perl and Systems Security Consulting
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
<http://learn.perl.org/> <http://learn.perl.org/first-response>
It
makes a snapshot of all your installed CPAN modules which you can then
install all at once later after you upgrade perl on your system or
anywhere else.
See: perldoc CPAN
http://search.cpan.org/search?module=CPAN
--
ZSDC Perl and Systems Security Consulting
--
To unsubscribe, e-mail: [E
know how to lexically ignore particular
warnings and strictures, and I wouldn't call them beginners in the first
place.
Sorry for a long and off-topic post, but I just wanted to say that there
is absolutely nothing which would be impossible to do with:
use strict;
use warnings;
in the be
ommand-line argument, so instead
of this:
my $first = $q->param('first');
there should be:
my $first = $q->param('first') || 'default value';
Now it works, but is insecure. There is a cross-site scripting
vulnerability. You should change:
print $first;
t
$!;
and see what it says. Watch out for whitespace.
--
ZSDC
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
<http://learn.perl.org/> <http://learn.perl.org/first-response>
Camilo Gonzalez wrote:
zsdc wrote:
Camilo Gonzalez wrote:
zsdc wrote:
Tracy Hurley wrote:
Camilo,
I don't think you need to put $email in quotes to do the check, but
it works if you do. Try this:
if $email =~/@.*@/g || $email =~ /\n/s;
It still might not be secure depanding on how $
Camilo Gonzalez wrote:
zsdc wrote:
Tracy Hurley wrote:
Camilo,
I don't think you need to put $email in quotes to do the check, but
it works if you do. Try this:
if $email =~/@.*@/g || $email =~ /\n/s;
It still might not be secure depanding on how $email is being used
later. Is it used
ct(-as_email => 'email');
You should do the same with other parameters, like name and address. You
might need to write your own handler, but it's very easy. Here's an
example from the CGI::Untaint documentation, to match a single digit:
package Mysite::CGI::Untaint::digit
u are trying to do. It prints "name"
fields of every row containing "us", "mx" or "ca" in its "country"
field. You have to tune it to your own file format.
--
ZSDC
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
<http://learn.perl.org/> <http://learn.perl.org/first-response>
[EMAIL PROTECTED] wrote:
I need to send a mail from the cgi. It must be able to have a reply or
sender as someone different from the local web owner (apache).
See http://search.cpan.org/modlist/Mail_and_Usenet_News/Mail
--
ZSDC
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands
e C files using the standard and 'optimised' C backends.
"The code generated in this way is not guaranteed to work. The whole
codegen suite ("perlcc" included) should be conĀ sidered very
experimental. Use for production purposes is strongly discouraged."
--
ZSDC Perl Consulting
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
dea:
open FILE, '<', $file
That way the "command|" argument won't work, but there still is a
problem with double dots or slashes in $path.
In my opinion the -T switch is a must for CGI scripts.
--
ZSDC Perl and Systems Security Consulting
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
updating the empty columns ?
Few weeks ago Kake Pugh wrote an article on Perl.com entitled How to
Avoid Writing Code:
http://www.perl.com/pub/a/2003/07/15/nocode.html
It's about using Class::DBI and the Template Toolkit. It might be
exactly what you are looking for.
-zsdc.
--
To unsubs
ually, it's the same as just:
print "Content-Type: application/pdf\n\n";
CGI.pm is great but it's an overkill for just printing HTTP Content-Type
header.
-zsdc.
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
e
quite a good clue that it's somehow related to the
[EMAIL PROTECTED] mailing list.
(By the way, it's not [EMAIL PROTECTED], but [EMAIL PROTECTED], so
your acronym should probably be [PBCML], [BCPML], [BCPOML] or something
like that.)
-zsdc.
--
To unsubscribe, e-mail: [EMAIL PROTE
Octavian Rasnita wrote:
Yes, it should be used
... == 1
without quoting the numbers.
It doesn't really matter:
#!/usr/bin/perl -wl
die unless 3 == "3"
and 1 != "3"
and 2 eq "2"
and 3 ne "1"
and 5 eq 5
and "6" == &qu
ode, you'll see
that it works just fine.
-zsdc.
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
other part of your code is changing it? Insert:
print "variable is $variable\n";
just before the "if." Do you have:
use strict;
use warnings;
in the beginning of your program?
-zsdc.
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
can also quote it yourself:
http://search.cpan.org/author/TIMB/DBI-1.37/DBI.pm#quote
but placeholders are better.
-zsdc.
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
19 matches
Mail list logo