Re: Statistical Graphs with gnuplot and mod

open PLOT, "echo \'$plot\' | $gnuplot |" or return SERVER_ERROR;
[download]

Considering that $plot partially consists of unfiltered user input, this looks like a very, very bad idea to me. Not to mention that you do the same with open().

Abigail

Comment on Re: Statistical Graphs with gnuplot and mod_perl Download Code

Replies are listed 'Best First'.
Re: Re: Statistical Graphs with gnuplot and mod_perl by projekt21 (Friar) on Sep 11, 2003 at 09:37 UTC
Yes, you are totally right. I will add the necessary input checking. Thanks++ for reminding. As a partial defense: We run this in a private network, with high restrictions. So only our admin has access to that. alex pleiner <alex@zeitform.de> zeitform Internet Dienste	[reply]