P is for Practical | |
PerlMonks |
Re: The danger of hidden fieldsby wardk (Deacon) |
on Jul 23, 2002 at 14:25 UTC ( [id://184424]=note: print w/replies, xml ) | Need Help?? |
Having worked in a few large shops, I suspect what you are describing
is an internal application (firewalled off), therefore the concern by
management about getting cracked is minimal.
If this is a serious application, as opposed to lets say an internal app that collects suggestions for the departments next picnic location, then you should perhaps push your point. Before doing so, make sure you can articulate how this can be a problem (which is one reason you are here now, a good start)...what are the ramifications of having bad data? i.e. Can someone give themselves a raise?, modify their vacation days? put their daily pizza order on the company card? obtain a staple and paperclip supply above and beyond the maximum allowed? If the risk is trivial, and management isn't interested in hearing about good coding practice, then back off and treat this as a learning experience. If you have a traditional Dev/test/prod type environment, then your risk of demonstrating the flaw is greatly diminished. Since you admit being new to Perl (as well as the company) I would suggest garnering some support from those more experienced, someone who is respected by your management/peers (is there a "guru" around?). Another option depending on the size of the company is to speak directly to a representative of a IT support dept, preferrably security. Explain the scenario and ask for advice. If they are doing their job, they will quite possibly take the ball and just run with it (be sure that your manager knows you are seeking their consultation, so he/she's not blindsided by a overzealous security analyst). Appears to me like you are simply being a conscientous employee. Hopefully you work in a place where such behavior is valued. good luck.
In Section
Seekers of Perl Wisdom
|
|