in reply to Re: somethign wrong with the sumbit
in thread somethign wrong with the sumbit

I don't understand what you try to tell me

I believe iam asking if the submitted user selection from the drop down list contains the null string....and if yes iam printing a custom error message.

That can happen because sometimes people instead of making a selection from the drop down menu they pass values to variable $select from the url like this: http://nikos.no-ip.org/cgi-bin/index.pl?select=../somefilename.ext or attach a null string to attempt to hack the page.

Replies are listed 'Best First'.
Re^3: somethign wrong with the sumbit
by Anonymous Monk on Dec 29, 2007 at 13:07 UTC
    and ELSE you get the backwards error... you need rest
[reply]
      well yes iam aware of that, because i didnt knew how to check for the existense of a backwards error.

      I mean in the null byte string iam testing against the null string, in the backwards error test what? if the submitted param contains slashes and dots?

      Apart from that you didnt point to me whats wrong with the if structure that you say its always false.

[reply]
        if the submitted param contains slashes and dots?
        You aren't testing against that. You just say 'else' without a test. So if there's no null byte in the param, you assume there's a "*Backwards Directory Traversal*".

        --shmem 

        _($_=" "x(1<<5)."?\n".q·/)Oo.  G°\        /
                              /\_¯/(q    /
----------------------------  \__(m.====·.(_("always off the crowd"))."·
");sub _{s./.($e="'Itrs `mnsgdq Gdbj O`qkdq")=~y/"-y/#-z/;$e.e && print}
[reply]
        A reply falls below the community's threshold of quality. You may see it by logging in.
        You asked why you get backwards error, this is why, because your code is 
        if ( almost-always-false ) {
  hey null  byte
} else {
  hey backwards error
}

        [download]
[reply]
[d/l]

In Section Seekers of Perl Wisdom