Gunnar Hjalmarsson wrote: > Adam Jimerson wrote: >> >> According to perlsec I need to use it as a key in a hash or reference a >> substring. The example given is >> >> ,----[ ] >> if ($data =~ /^([...@\w.]+)$/) { >> $data = $1; # $data now untainted >> } else { >> die "Bad data in '$data'"; # log this somewhere >> } >> `---- >> >> When I tried it, using the same search string, > > What happened then? Show us the code and possible error messages, please. > >> all I need is to check for >> alphanumeric characters to cover the name, email address and a message. > > Are there tainted email address and message variables also? > >> Is there something wrong with the above search string? > > Only you can tell, I suppose... >
I attached my code for my program, the error doesn't happen until the form is filled out. The error that I get is "Insecure dependency in piped open while running with -T switch at /srv/www/cgi-bin/contact line 96." All the variables that have user submitted content go through the above search string as soon as the program retrieves it.
contact
Description: Perl program
-- To unsubscribe, e-mail: beginners-cgi-unsubscr...@perl.org For additional commands, e-mail: beginners-cgi-h...@perl.org http://learn.perl.org/