in reply to Re: Is this safe??
in thread Is this safe??

I was trying to copy the way this other cgi that my company was using, that stoped working for who knows why, this is way it uses file names passed in by the user.

"I would say it's fairly unlikely you'll have a query string AND posted data at the same time"
The mail program uses a template for the email it sends, this txt file is specified in the action line like so action="" The form data is sent via the post method.

This script works fine, I just dont want to miss anything. What do I need to check to make sure I'm not letting anything slip by? is it the data being used to open files? or all the data being sent?