Beefy Boxes and Bandwidth Generously Provided by pair Networks
"be consistent"
 
PerlMonks  

Re: Syntax and code debugging

by Desdinova (Friar)
on Oct 23, 2001 at 08:30 UTC ( [id://120708]=note: print w/replies, xml ) Need Help??


in reply to Syntax and code debugging

A few things in addition to what is mentioned
  • the obligitory mention of Taint mode. you should add a -T to the /usr/bin/perl -w line. Then you need to check the validity of the input line from the web page. you are trsting the user not to put extra .. and /'s in that could redirect the open command to operate on say ../../../etc/passwd for example.
  • You are making assumptions that the filename given will be file.ext and it will break when it gets something like file.ext.gz which is valid on some OSs
  • You could save yourself some parseing of the filename by using FILE::BASENAME
UPDATE:Fixed 'not enough sleep this week' typo picked up by blakem

Replies are listed 'Best First'.
Re: Re: Syntax and code debugging
by blakem (Monsignor) on Oct 23, 2001 at 08:42 UTC
    Taint mode is specified with the -T switch, not -t. (-t doesn't seem to be assigned to anything)

    -Blake

[reply]

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://120708]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others romping around the Monastery: (3)
As of 2024-04-26 01:21 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found