ovid's node Death to Select Star! suggests that this may not be a good idea.SELECT *
You may consider using placeholders btrott explains why you might want to user them
To my ignorant eye, it looks like you have a seperate table for each userID. This feels weird and looks like it might make it hard to do stuff like:
....Also to my eye, HERE documents are nicer way to format SQL than a single line of text.my $sql="HERE_DOC; SELECT p.userID, LEN(p.passwd) FROM password p WHERE LEN(p.passwd)<6 GROUP BY p.userID; HERE_DOC"
It might be easier to follow if your main function wasn't CheckPass(). It is a bit more conventional to do something like this inside main():
You might define some global constants and comments at the top of your program so if the name of your database changes, you or your replacement could change the constant without really remembering how your script worked.if ( !CheckPass() ){ #bail }else{ # continue }
As others have pointed out, you may wish to enable taint mode by putting a -T as an argument to perl on your #! line (oddly enough perldoc perlrun indicates this will workin in windoze as welluse constant SCRIPT_DB => 'script_db' # use constant PASSWORD_TABLE => 'passwd'; #
This will make your program choke on this line:
...because you have not removed all the shell characters and somebody could ask you to open a | pipe to a bad command or twoopen FILE, $q->param('File')
..Hope this helps. I'm sure a more knowledgeable monk will point out any problems with my problems
In reply to Re: Easy Script Editor
by mandog
in thread Easy Script Editor
by George_Sherston
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |