in reply to Re^2: Hacker Proofing My First Script
in thread Hacker Proofing My First Script

Yes that is secure. Still a bit ugly, but secure nonetheless. Why declare $sth at the top, miles from where you use it? Why collect the return codes in $rc - you don't *do* anything with them? It is much more convenient to put constants like your DB passwd etc at the top so you can find them.

You have a bug. The $q->redirect header will never be acted upon as you terminate the headers with your Content-Type header. You don't need that header, just the redirect. Also print $q->header() will give you a valid header, so if you are using CGI why not use it?

cheers

tachyon
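
The header bug described in the post above, as an added example that is not part of the original post or the poster's script. It assumes CGI.pm is installed; the target URL is constructed and `split_response` is a hypothetical helper that splits a raw CGI response at the first blank line, as a web server does.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use CGI;

# Empty hash-ref initializer: no request is parsed, so this also runs from a shell.
my $q = CGI->new({});

# Hypothetical helper: everything before the first blank line is the header
# block, everything after it is the body.
sub split_response {
    my ($raw) = @_;
    my ($head, $body) = split /\r?\n\r?\n/, $raw, 2;
    my %headers = map { /^([^:]+):\s*(.*)$/ ? (lc($1) => $2) : () }
                  split /\r?\n/, $head;
    return (\%headers, defined $body ? $body : '');
}

my $target = 'http://example.com/thanks.html';    # constructed URL

# Broken: the Content-Type line and blank line end the headers, so the
# redirect that follows is sent as body text and the browser never follows it.
my $broken = "Content-Type: text/html\n\n" . $q->redirect($target);

# Fixed: the redirect is the only header block the script emits.
my $fixed = $q->redirect($target);

for my $case ([broken => $broken], [fixed => $fixed]) {
    my ($name, $raw) = @$case;
    my ($headers, $body) = split_response($raw);
    printf "%-6s Location header: %s\n", $name,
        $headers->{location} // '(none, the redirect text ended up in the body)';
}
```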

Re^4: Hacker Proofing My First Script
by awohld (Hermit) on Oct 04, 2004 at 06:05 UTC
    I use the $rc return code because I got it as an example out of a book. This is my first DB script so I'm still getting a handle on it.

    Thanks Adam

      I realised that, the point was simply to help your programming thinking, which is basically I am doing this that way because.....

      Have fun with it.

      cheers

      tachyon