>>>>> "Ben" == Ben B <[EMAIL PROTECTED]> writes:
Ben> I can see you feel strongly about this but could you give an Ben> explanation as to why this is bad? A link to some reading would Ben> suffice although I doubt it will be as memorable as the thought of Ben> setting onesself on fire with a flamethrower. For "why not symbolic references", the classic reference is MJD's piece on that at <http://perl.plover.com/varvarname.html>. For "why not eval", there are both security and maintenance issues, most of which I learned in my 35 years as a programmer (so far), so I don't have a quick reference. It's similar to the issues that face SQL injection and cross-site scripting attacks though. I did an article on SQL injection at <http://www.stonehenge.com/merlyn/UnixReview/col58.html>, although that's a lot more about the security than about maintenance. For the maintenance aspect, consider how hard it is to debug source-filtered Perl where the lines in the debugger never match the original lines you wrote, but that's just the tip of the iceberg. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 <[email protected]> <URL:http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training! ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 _______________________________________________ Mason-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/mason-users
