Adam Jimerson wrote:
Gunnar Hjalmarsson wrote:
There is only one suspected variable to consider, i.e. $name, which is
probably tainted. Untaint it, and you are done. ( You remember where to
find out how, right? ;-) )
According to perlsec I need to use it as a key in a hash or reference a
substring. The example given is
,----[ ]
if ($data =~ /^([...@\w.]+)$/) {
$data = $1; # $data now untainted
} else {
die "Bad data in '$data'"; # log this somewhere
}
`----
When I tried it, using the same search string,
What happened then? Show us the code and possible error messages, please.
all I need is to check for
alphanumeric characters to cover the name, email address and a message.
Are there tainted email address and message variables also?
Is there something wrong with the above search string?
Only you can tell, I suppose...
--
Gunnar Hjalmarsson
Email: http://www.gunnar.cc/cgi-bin/contact.pl
--
To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org
For additional commands, e-mail: beginners-cgi-h...@perl.org
http://learn.perl.org/
