While using a package for an additional name-space is a good use of packages, I disagree with the practice of ever using symbolic references to create variable names from input that came from the outside world (i.e., CGI).

You're doing two of the most dangerous possible things in one fell swoop: using symbolic refs, and taking user input. The latter cannot be avoided, but striking matches in the vicinity of gasolene really is not the safest way to illuminate the inside of the gas can.

You will save yourself a lot of headaches by taking a few minutes to read the following three eye-opening links:

And for a quick reminder of just how bad things can get if you botch web-security: Company hacks through my Perl's Website Security hole.

One of the best ways to handle CGI parameters is to use the CGI.pm module's param() method, and store your parameters in a hash.


Dave


In reply to Re: How to reference variables in another package via keyword names by davido
in thread How to reference variables in another package via keyword names by theAcolyte
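
Added example, not part of the original post or thread: the same constructed request imported once through symbolic references and once into a hash filled from CGI.pm's param(). The parameter names (keyword, page, is_admin), the sub names and the allowlist are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use CGI;

# Constructed sample request: one expected field plus one field whose name
# happens to match an internal variable of the script.
my $q = CGI->new('keyword=perl&is_admin=1');

# Package variable the script relies on for an authorization decision.
our $is_admin = 0;

# Risky pattern: parameter names become package variable names.
sub import_as_symrefs {
    my ($cgi) = @_;
    no strict 'refs';    # symbolic refs only work with strict refs disabled
    for my $name ($cgi->param) {
        ${"main::$name"} = scalar $cgi->param($name);
    }
}

# Safer pattern: values live in a hash, and only expected names are accepted.
my %ALLOWED = map { $_ => 1 } qw(keyword page);

sub import_as_hash {
    my ($cgi) = @_;
    my %form;
    for my $name ($cgi->param) {
        next unless $ALLOWED{$name};    # drop names the script did not ask for
        $form{$name} = scalar $cgi->param($name);
    }
    return \%form;
}

# Hash import: user data stays inside %$form; $is_admin is untouched.
my $form = import_as_hash($q);
print "hash import:   is_admin=$is_admin, keys=@{[ sort keys %$form ]}\n";

# Symref import: the request-supplied name lands on the package variable.
import_as_symrefs($q);
print "symref import: is_admin=$is_admin\n";
```

With the hash, a parameter name is only ever a hash key, so it cannot collide with the script's own variables, and `use strict` can stay fully enabled.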
