Hey all,

I want to start using Taint mode for a script I'm building that requires retrieving an uploaded file from a input in a form.

When trying to use the -T switch, it gives the message: Too late for "-T" option at upload_test.pl line 1.

This node is basically similar to: http://perlmonks.org/index.pl?node_id=22210

The last post by user doran is probably my best solution.

I'm running Windows IIS and my registry key for perl scripts is :
c:\perl\bin\perl.exe %s %s

Now to fix this, Doran says to modify that line to:
c:\perl\bin\perl.exe -T %s %s

A question before doing this. Will it affect all perl scripts ran? I never used the taint mode and wondering would I need to change a lot of work in my scripts. Most of my scripts involves user input!...Such as signing up for membership where the script collects all user info to be added in a MySQL db and a simple password retrieval script that takes the user's e-mail from a input box.

Should I seriously take in consideration to taint all those scripts? This site may have a lot of hits so security may be a concern. I wish I knew about tainting and untainting earlier, I just went through all my scripts to incorporate the strict command and now I might need to do a similar re-editing process! ahhh... =)

Thank you,

Anthony

In reply to Another Taint question on Windows by perleager

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.