I had this problem once before so here I am again..looking for a real solution this time rather than a quick fix. I have a form which stores data into an SDBM database and some monkey head has went of their way to mess it up. It's messed up in a way I can't even figure out how to delete their data!!

http://sulfericacid.perlmonk.org/rac/rac/mark/delete.pl is the page I am working on. I am trying to get rid of the large paragraph that's there, please don't click on the other delete's!! I have a backup of the db, but just try the big one :)

I am doing a print-all on everything in the database and trying to delete the hash key, but for some reason on the messed up data it keeps saying "information not found!".

The script I am using to try and delete these evil things is: 

use warnings;
use POSIX;
use CGI qw/:standard/;
use CGI::Carp qw(fatalsToBrowser);


# You are requested not to change any configurations in this file.
# Everything is setup to function as-is, any tamporing may damage
# the script.

require SDBM_File;

my %emails;
my %snailmail;

my $snail     = "snail.dbm";  #change to location of snail mail databa
+se
my $list      = "mylist.dbm"; #change to location of email database

my $del = url_param('del');

tie %emails, 'SDBM_File', $list, O_CREAT | O_RDWR, 0644;
if ( !tied %emails ) {
    print "database unsuccessful $!.\n";
    }


tie %snailmail, 'SDBM_File', $snail, O_CREAT | O_RDWR, 0644;
if ( !tied %snailmail ) {
    print "database unsuccessful $!.\n";
    }

print header, start_html('Email Management');


foreach(keys %emails)
{
  print qq($_ => $emails{$_}    [<a href="delete.pl?del=$_">delete?</a
+>]<br><br>);
}


if ($del ne "")
{
  if (exists $emails{$del})
    { delete $emails{$del}; }
  else { print "<center><font color=red>This data can not be found!</f
+ont></center>";}
}

[download]
On the email-add form itself, I tried to add my own "anti-hack" security and it worked..a lot better than not using it. What I used for each field was something that looked like this: 
   $name =~ s/</&lt\;/gi;
   $name =~ s/://gi;
   $name =~ s/TO//gi;
   $name =~ s/FROM//gi;
   $name =~ s/SUBJECT//gi;

[download]
Which removes all the nasty things that I can't have in my database because this connects to an emailer. Any tips on how to get my delete script to work to get rid of this crap would be very helpful and if you know of better ways to keep this data from getting into the DB to begin with, I am more than willing to learn the security I need.

Thank you!



"Age is nothing more than an inaccurate number bestowed upon us at birth as just another means for others to judge and classify us"

sulfericacid

In reply to deleting hash keys (script has been tampered with) by sulfericacid

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.