Re^3: SQL Injection Queries in Perl/CGI

From what I can tell, there's nothing that needs to be fixed. If the app is meant to throw a 403 when an invalid username is sent, then it's doing the right thing as it is.

Is it supposed to do something else when it gets an invalid user?

"There is no shame in being self-taught, only in not trying to learn in the first place." -- Atrus, Myst: The Book of D'ni.

Comment on Re^3: SQL Injection Queries in Perl/CGI

Replies are listed 'Best First'.
Re^4: SQL Injection Queries in Perl/CGI by chacham (Prior) on Dec 11, 2015 at 15:13 UTC
there's nothing that needs to be fixed Except that it's logging in as root and not another user.	[reply]
Re^5: SQL Injection Queries in Perl/CGI by hardburn (Abbot) on Dec 11, 2015 at 15:48 UTC
Ahh, yes, in the initial database handle setup. That should be something other than root. "There is no shame in being self-taught, only in not trying to learn in the first place." -- Atrus, Myst: The Book of D'ni.	[reply]