I would devise several hashes, keyed on the name of the CGI parameter:
eg
error_string{'name_first'}='The First Name field was
either blank or contained illegal characters. Please go back and re-enter
it.';
regexp_string{'name_first'}='^(\w[\w ]*)$';
...
and then construct a loop to check them
--- Teresa Raymond <[EMAIL PROTECTED]> wrote:
> Curtis,
>
> What part of the code that you posted actually does the untainting?
>
> >Here's one way to grab the data and untaint it in one line:
> >
> >my ( $name ) = ( $q->param('name') =~ /^(\w+)$/ );
> >
> >Note that the parentheses around *b
-Original Message-
From: shawn [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 10, 2001 10:40 AM
To: perlcgi
Subject:
I'm stuck...
-using CGI.pm
I've created an "edit" cgi-forms-page to edit values/items in a database.
What I want to happen is to have the form fields ( there are seve
Greetings,
I have a script which draws some graphs and everything works fine, except I
have to push "reload" in browser every time to get a valid picture. So far I
used these headers but with no luck. Browser is Netscape 4.xx under Linux.
print "Content-type: image/png\n";
print "Pragma: no-ca
Hi all,
First, I know what when I untaint a value passed to my
script using CGI, I need to check for what I want, not
what I don't want.
But, since I'm even more of a newbie to the world of
unix than I am to Perl, are "#" bad ... ie, can they
do dangerous things?
I'd like users of my script to
So was I ...
I could not find a very good discussing on the topic so maybe someone
else can supply some references but the "answer" is the
"-nosticky" option and pragma ... "use CGI qw/-nosticky/;"
I would guess that the idea was for the CGI user NOT to have to re-reference
a "named" parameter
Well I found my problem
Had nothing to do with CGI.pm. My database structure was different for one
column in two different tables( int(2) , int(3) ) and CGI was looking for a
3digit to match and was only finding a 2digit, so no default was ever
matched to the .
Also, forcing the default
