in reply to Re: Re: Re: Re: Re: making first letter of all words in array upper case
in thread making first letter of all words in array upper case

  1. You've removed "-w", "-T" and "use strict" from your program. No CGI program should be deployed without using all of those.
  2. You've switched from using CGI.pm to a buggy homemade CGI parameter parsing routine.
  3. You still send input from the form to an email address that also comes from the form. I told you that you should only ever send fixed content to email addresses that you get from user input.
  4. The relevant FAQ suggests including "-oi" in the options that to pass to sendmail for good reason. You ignore that advice.

There's probably more, but these were problems I picked up on in the first minute of looking.

Have you read any of the CGI security documents that merlyn pointed you at?

--
<http://www.dave.org.uk>

"The first rule of Perl club is you do not talk about Perl club."
-- Chip Salzenberg

  • Comment on Re: Re: Re: Re: Re: Re: making first letter of all words in array upper case

Replies are listed 'Best First'.
Re: Re: Re: Re: Re: Re: Re: making first letter of all words in array upper case
by iamrobj (Initiate) on Jan 01, 2003 at 21:26 UTC
    "You still send input from the form to an email address that also comes from the form"... How else can someone tell their friend about my site through my site?!
[reply]
      "You still send input from the form to an email address that also comes from the form"... How else can someone tell their friend about my site through my site?!

      By sending an email message that consists of just fixed content. You were doing fine until you decided to include the contents of $message - which could contain anything.

      --
      <http://www.dave.org.uk>

      "The first rule of Perl club is you do not talk about Perl club."
      -- Chip Salzenberg

[reply]
A reply falls below the community's threshold of quality. You may see it by logging in.

In Section Seekers of Perl Wisdom