Even if the user selects something valid from the drop down menu he is getting the backward error.....on every selection he makes. Any idea why the script reaches that specific error code block?print header( -charset=>'utf-8' ); my $passage = param('select') || "Αρχική + Σελίδα!"; my @files = glob "$ENV{'DOCUMENT_ROOT'}/data/text/*.txt"; my @display_files = map m{([^/]+)\.txt}, @files; Encode::from_to($_, 'ISO-8859-7', 'utf8') for @display_files; if ( param('select') ) { #If User selected an item from the drop do +wn menu unless ( grep { $_ eq param('select') } @display_files ) #If User + Selection doesn't match one of the passages then its a Fraud! { if ( param('select') =~ /\0/ ) { $passage = "*Null Byte Injection* attempted & logged!"; print br() x 2, h1( {class=>'big'}, $passage ); } else { $passage = "*Backwards Directory Traversal* attempted & logge +d!"; print br() x 2, h1( {class=>'big'}, $passage ); } $select = $db->prepare( "UPDATE guestlog SET passage=?, date=?, +counter=counter+1 WHERE host=?" ); $select->execute( $passage, $date, $host ); exit; }
i noticed on the url that when i submit my selection it looks like this: http://nikos.no-ip.org/cgi-bin/index.pl?select=item_from_drop_down_menu&ok=ok
You can try it too and you will notice that the submit variable (ok is its name) is showing up twice!
In reply to somethign wrong with the sumbit by Nik
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |