in reply to Re: ticked off with backticks
in thread ticked off with backticks

No no. The $cmd stuff is all internally generated in the CGI. The user just selects stuff from scrolling lists.

Bret

Replies are listed 'Best First'.
Re^3: ticked off with backticks
by revdiablo (Prior) on Aug 19, 2004 at 16:46 UTC

    Generating $cmd inside the CGI is good, and your code may indeed be safe (hard to judge without seeing the actual code), but using dropdown lists does not help. Users can make their web clients submit anything they want, really.

[reply]
[d/l]

In Section Seekers of Perl Wisdom